Lines Matching defs:hapd
46 static bool ieee802_1x_finished(struct hostapd_data *hapd,
51 static void ieee802_1x_send(struct hostapd_data *hapd, struct sta_info *sta,
68 xhdr->version = hapd->conf->eapol_version;
70 if (xhdr->version > 2 && hapd->conf->macsec_policy == 0)
82 if (hapd->ext_eapol_frame_io) {
88 wpa_msg(hapd->msg_ctx, MSG_INFO,
96 rsn_preauth_send(hapd, sta, buf, len);
101 link_id = hapd->conf->mld_ap ? hapd->mld_link_id : -1;
104 hapd, sta->addr, buf, len,
112 static void ieee802_1x_set_authorized(struct hostapd_data *hapd,
122 update = ap_sta_set_authorized_flag(hapd, sta, authorized);
123 res = hostapd_set_authorized(hapd, sta, authorized);
125 ap_sta_set_authorized_event(hapd, sta, authorized);
126 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
142 accounting_sta_start(hapd, sta);
147 static void ieee802_1x_ml_set_sta_authorized(struct hostapd_data *hapd,
154 if (!hostapd_is_mld_ap(hapd))
161 if (authorized && hapd->mld_link_id != sta->mld_assoc_link_id)
170 for (i = 0; i < hapd->iface->interfaces->count; i++) {
173 hapd->iface->interfaces->iface[i]->bss[0];
175 if (!hostapd_is_ml_partner(hapd, tmp_hapd))
197 void ieee802_1x_set_sta_authorized(struct hostapd_data *hapd,
200 ieee802_1x_set_authorized(hapd, sta, authorized, false);
201 ieee802_1x_ml_set_sta_authorized(hapd, sta, !!authorized);
209 static void ieee802_1x_tx_key_one(struct hostapd_data *hapd,
234 hapd->last_1x_eapol_key_replay_counter,
238 inc_byte_array(hapd->last_1x_eapol_key_replay_counter,
241 hapd->last_1x_eapol_key_replay_counter,
244 os_memcpy(hapd->last_1x_eapol_key_replay_counter,
256 if (hapd->conf->eapol_key_index_workaround) {
287 hdr->version = hapd->conf->eapol_version;
300 ieee802_1x_send(hapd, sta, IEEE802_1X_TYPE_EAPOL_KEY, (u8 *) key, len);
307 static void ieee802_1x_tx_key(struct hostapd_data *hapd, struct sta_info *sta)
309 struct eapol_authenticator *eapol = hapd->eapol_auth;
326 ieee802_1x_tx_key_one(hapd, sta, eapol->default_wep_key_idx, 1,
328 hapd->conf->default_wep_key_len);
331 if (hapd->conf->individual_wep_key_len > 0) {
334 ikey = os_malloc(hapd->conf->individual_wep_key_len);
336 random_get_bytes(ikey, hapd->conf->individual_wep_key_len))
345 ikey, hapd->conf->individual_wep_key_len);
347 ieee802_1x_tx_key_one(hapd, sta, 0, 0, ikey,
348 hapd->conf->individual_wep_key_len);
352 if (hostapd_drv_set_key(hapd->conf->iface, hapd, WPA_ALG_WEP,
354 hapd->conf->individual_wep_key_len,
369 const char *radius_mode_txt(struct hostapd_data *hapd)
371 switch (hapd->iface->conf->hw_mode) {
385 int radius_sta_rate(struct hostapd_data *hapd, struct sta_info *sta)
399 static void ieee802_1x_learn_identity(struct hostapd_data *hapd,
430 hostapd_logger(hapd, sm->addr, HOSTAPD_MODULE_IEEE8021X,
436 static int add_common_radius_sta_attr_rsn(struct hostapd_data *hapd,
456 suite = wpa_cipher_to_suite(((hapd->conf->wpa & 0x2) ||
457 hapd->conf->osen) ?
459 hapd->conf->wpa_group);
479 if (hapd->conf->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
481 hapd->conf->group_mgmt_cipher);
496 static int add_common_radius_sta_attr(struct hostapd_data *hapd,
533 radius_sta_rate(hapd, sta) / 2,
534 (radius_sta_rate(hapd, sta) & 1) ? ".5" : "",
535 radius_mode_txt(hapd));
556 if ((hapd->conf->wpa & 2) &&
557 !hapd->conf->disable_pmksa_caching &&
572 if (hapd->conf->wpa && wpa_key_mgmt_ft(hapd->conf->wpa_key_mgmt) &&
580 hapd->conf->mobility_domain))) {
586 if ((hapd->conf->wpa || hapd->conf->osen) && sta->wpa_sm &&
587 add_common_radius_sta_attr_rsn(hapd, req_attr, sta, msg) < 0)
594 int add_common_radius_attr(struct hostapd_data *hapd,
605 hapd->conf->own_ip_addr.af == AF_INET &&
607 (u8 *) &hapd->conf->own_ip_addr.u.v4, 4)) {
615 hapd->conf->own_ip_addr.af == AF_INET6 &&
617 (u8 *) &hapd->conf->own_ip_addr.u.v6, 16)) {
625 hapd->conf->nas_identifier &&
627 (u8 *) hapd->conf->nas_identifier,
628 os_strlen(hapd->conf->nas_identifier))) {
634 MAC2STR(hapd->own_addr));
635 os_memcpy(&buf[len], hapd->conf->ssid.ssid,
636 hapd->conf->ssid.ssid_len);
637 len += hapd->conf->ssid.ssid_len;
655 if (hapd->conf->interworking &&
656 !is_zero_ether_addr(hapd->conf->hessid)) {
658 MAC2STR(hapd->conf->hessid));
670 if (sta && add_common_radius_sta_attr(hapd, req_attr, sta, msg) < 0)
686 int add_sqlite_radius_attr(struct hostapd_data *hapd, struct sta_info *sta,
695 if (!hapd->rad_attr_db)
701 if (sqlite3_prepare_v2(hapd->rad_attr_db, sql, os_strlen(sql), &stmt,
704 sqlite3_errmsg(hapd->rad_attr_db));
743 void ieee802_1x_encapsulate_radius(struct hostapd_data *hapd,
753 ieee802_1x_learn_identity(hapd, sm, eap, len);
757 sm->radius_identifier = radius_client_get_id(hapd->radius);
780 if (add_common_radius_attr(hapd, hapd->conf->radius_auth_req_attr, sta,
784 if (sta && add_sqlite_radius_attr(hapd, sta, msg, 0) < 0)
790 if (!hostapd_config_get_radius_attr(hapd->conf->radius_auth_req_attr,
818 if (hapd->conf->radius_request_cui) {
838 if (hapd->conf->hs20) {
839 u8 ver = hapd->conf->hs20_release - 1;
882 if (hapd->conf->t_c_filename) {
888 (const u8 *) hapd->conf->t_c_filename,
889 os_strlen(hapd->conf->t_c_filename))) {
895 timestamp = host_to_be32(hapd->conf->t_c_timestamp);
909 if (radius_client_send(hapd->radius, msg, RADIUS_AUTH, sta->addr) < 0)
920 static void handle_eap_response(struct hostapd_data *hapd,
939 hostapd_logger(hapd, sm->addr, HOSTAPD_MODULE_IEEE8021X,
953 static void handle_eap_initiate(struct hostapd_data *hapd,
972 hostapd_logger(hapd, sm->addr, HOSTAPD_MODULE_IEEE8021X,
1009 static void handle_eap(struct hostapd_data *hapd, struct sta_info *sta,
1041 handle_eap_response(hapd, sta, eap, eap_len);
1044 handle_eap_initiate(hapd, sta, eap, eap_len);
1051 ieee802_1x_alloc_eapol_sm(struct hostapd_data *hapd, struct sta_info *sta)
1062 return eapol_auth_alloc(hapd->eapol_auth, sta->addr, flags,
1110 * @hapd: hostapd BSS data
1118 void ieee802_1x_receive(struct hostapd_data *hapd, const u8 *sa, const u8 *buf,
1128 if (!hapd->conf->ieee802_1x && !hapd->conf->wpa && !hapd->conf->osen &&
1129 !hapd->conf->wps_state)
1135 sta = ap_get_sta(hapd, sa);
1137 !(hapd->iface->drv_flags & WPA_DRIVER_FLAGS_WIRED))) {
1183 wpa_receive(hapd->wpa_auth, sta->wpa_sm, (u8 *) hdr,
1188 if (!hapd->conf->ieee802_1x && !hapd->conf->osen &&
1211 sta->eapol_sm = ieee802_1x_alloc_eapol_sm(hapd, sta);
1216 if (!hapd->conf->ieee802_1x && hapd->conf->wps_state) {
1248 handle_eap(hapd, sta, (u8 *) (hdr + 1), datalen);
1252 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
1258 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_WPA,
1270 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
1275 accounting_sta_stop(hapd, sta);
1314 * @hapd: hostapd BSS data
1320 void ieee802_1x_new_station(struct hostapd_data *hapd, struct sta_info *sta)
1328 if (hapd->conf->wps_state &&
1329 ((hapd->conf->wpa && (sta->flags & WLAN_STA_MAYBE_WPS)) ||
1340 if (!force_1x && !hapd->conf->ieee802_1x && !hapd->conf->osen) {
1347 ieee802_1x_free_station(hapd, sta);
1360 ieee802_1x_free_station(hapd, sta);
1365 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
1367 sta->eapol_sm = ieee802_1x_alloc_eapol_sm(hapd, sta);
1369 hostapd_logger(hapd, sta->addr,
1380 if (!hapd->conf->ieee802_1x && hapd->conf->wps_state &&
1397 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
1411 ap_sta_bind_vlan(hapd, sta);
1420 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
1441 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
1454 pmksa_cache_to_eapol_data(hapd, pmksa, sta->eapol_sm);
1455 ap_sta_bind_vlan(hapd, sta);
1470 void ieee802_1x_free_station(struct hostapd_data *hapd, struct sta_info *sta)
1475 eloop_cancel_timeout(ieee802_1x_wnm_notif_send, hapd, sta);
1499 static void ieee802_1x_decapsulate_radius(struct hostapd_data *hapd,
1522 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
1530 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
1564 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
1576 static void ieee802_1x_get_keys(struct hostapd_data *hapd,
1639 static void ieee802_1x_store_radius_class(struct hostapd_data *hapd,
1650 if (!hapd->conf->radius->acct_server || !hapd->radius || !sm)
1694 static void ieee802_1x_update_sta_identity(struct hostapd_data *hapd,
1713 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
1726 static void ieee802_1x_update_sta_cui(struct hostapd_data *hapd,
1779 static void ieee802_1x_hs20_deauth_req(struct hostapd_data *hapd,
1801 timeout = hapd->conf->hs20_deauth_req_timeout;
1808 ap_sta_session_timeout(hapd, sta, timeout);
1812 static void ieee802_1x_hs20_session_info(struct hostapd_data *hapd,
1844 beacon_int = hapd->iconf->beacon_int;
1851 ap_sta_session_warning_timeout(hapd, sta, warning_time);
1855 static void ieee802_1x_hs20_t_c_filtering(struct hostapd_data *hapd,
1864 hs20_t_c_filtering(hapd, sta, pos[0] & BIT(0));
1868 static void ieee802_1x_hs20_t_c_url(struct hostapd_data *hapd,
1884 static void ieee802_1x_check_hs20(struct hostapd_data *hapd,
1923 ieee802_1x_hs20_deauth_req(hapd, sta, pos, sublen);
1926 ieee802_1x_hs20_session_info(hapd, sta, pos, sublen,
1930 ieee802_1x_hs20_t_c_filtering(hapd, sta, pos, sublen);
1933 ieee802_1x_hs20_t_c_url(hapd, sta, pos, sublen);
1947 static int ieee802_1x_select_radius_identifier(struct hostapd_data *hapd,
1964 ieee802_1x_search_radius_identifier(struct hostapd_data *hapd, u8 identifier)
1970 ap_for_each_sta(hapd, ieee802_1x_select_radius_identifier, &id_search);
1977 struct hostapd_data *hapd,
1988 !hostapd_vlan_valid(hapd->conf->vlan, &vlan_desc)) {
1990 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_RADIUS,
1996 ap_sta_set_vlan(hapd, sta, &vlan_desc);
2000 if (hapd->conf->ssid.dynamic_vlan == DYNAMIC_VLAN_REQUIRED &&
2003 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
2009 return ap_sta_set_vlan(hapd, sta, &vlan_desc);
2028 struct hostapd_data *hapd = data;
2037 sm = ieee802_1x_search_radius_identifier(hapd, hdr->identifier);
2072 if (hapd->conf->acct_interim_interval == 0 &&
2077 hostapd_logger(hapd, sta->addr,
2090 if (hapd->conf->ssid.dynamic_vlan != DYNAMIC_VLAN_DISABLED &&
2091 ieee802_1x_update_vlan(msg, hapd, sta) < 0)
2095 hostapd_logger(hapd, sta->addr,
2102 ap_sta_bind_vlan(hapd, sta) < 0)
2115 ap_sta_session_timeout(hapd, sta, session_timeout);
2117 ap_sta_no_session_timeout(hapd, sta);
2121 ieee802_1x_get_keys(hapd, sta, msg, req, shared_secret,
2123 ieee802_1x_store_radius_class(hapd, sta, msg);
2124 ieee802_1x_update_sta_identity(hapd, sta, msg);
2125 ieee802_1x_update_sta_cui(hapd, sta, msg);
2126 ieee802_1x_check_hs20(hapd, sta, msg,
2146 hostapd_logger(hapd, sm->addr,
2161 ieee802_1x_decapsulate_radius(hapd, sta);
2171 hapd, sta, hdr->code == RADIUS_CODE_ACCESS_ACCEPT,
2186 void ieee802_1x_abort_auth(struct hostapd_data *hapd, struct sta_info *sta)
2193 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
2207 wpa_dbg(hapd->msg_ctx, MSG_DEBUG, "EAP Timeout, STA " MACSTR,
2211 ap_sta_disconnect(hapd, sta, sta->addr,
2219 static int ieee802_1x_rekey_broadcast(struct hostapd_data *hapd)
2221 struct eapol_authenticator *eapol = hapd->eapol_auth;
2223 if (hapd->conf->default_wep_key_len < 1)
2227 eapol->default_wep_key = os_malloc(hapd->conf->default_wep_key_len);
2230 hapd->conf->default_wep_key_len)) {
2239 hapd->conf->default_wep_key_len);
2245 static int ieee802_1x_sta_key_available(struct hostapd_data *hapd,
2258 struct hostapd_data *hapd = eloop_ctx;
2259 struct eapol_authenticator *eapol = hapd->eapol_auth;
2263 hapd->conf->individual_wep_key_len > 0 ? 1 : 0;
2270 if (ieee802_1x_rekey_broadcast(hapd)) {
2271 hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE8021X,
2281 if (hostapd_drv_set_key(hapd->conf->iface, hapd, WPA_ALG_WEP,
2285 hapd->conf->default_wep_key_len,
2287 hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE8021X,
2295 ap_for_each_sta(hapd, ieee802_1x_sta_key_available, NULL);
2297 if (hapd->conf->wep_rekeying_period > 0) {
2298 eloop_register_timeout(hapd->conf->wep_rekeying_period, 0,
2299 ieee802_1x_rekey, hapd, NULL);
2341 struct hostapd_data *hapd = ctx;
2344 ieee802_1x_encapsulate_radius(hapd, sta, data, datalen);
2352 struct hostapd_data *hapd = ctx;
2356 rsn_preauth_finished(hapd, sta, success);
2360 return ieee802_1x_finished(hapd, sta, success, remediation, logoff);
2368 struct hostapd_data *hapd = ctx;
2373 eap_user = hostapd_get_eap_user(hapd, identity, identity_len, phase2);
2415 struct hostapd_data *hapd = ctx;
2418 sta = ap_get_sta(hapd, addr);
2429 struct hostapd_data *hapd = ctx;
2445 hostapd_logger(hapd, addr, HOSTAPD_MODULE_IEEE8021X, hlevel, "%s",
2454 struct hostapd_data *hapd = ctx;
2457 ieee802_1x_set_sta_authorized(hapd, sta, authorized);
2463 struct hostapd_data *hapd = ctx;
2466 ieee802_1x_abort_auth(hapd, sta);
2475 struct hostapd_data *hapd = ctx;
2478 ieee802_1x_tx_key(hapd, sta);
2488 /* struct hostapd_data *hapd = ctx; */
2507 struct hostapd_data *hapd = ctx;
2510 dl_list_for_each(erp, &hapd->erp_keys, struct eap_server_erp_key,
2522 struct hostapd_data *hapd = ctx;
2524 dl_list_add(&hapd->erp_keys, &erp->list);
2531 int ieee802_1x_init(struct hostapd_data *hapd)
2537 if (!hostapd_mld_is_first_bss(hapd)) {
2540 first = hostapd_mld_get_first_bss(hapd);
2555 hapd->eapol_auth = first->eapol_auth;
2560 dl_list_init(&hapd->erp_keys);
2563 conf.eap_cfg = hapd->eap_cfg;
2564 conf.ctx = hapd;
2565 conf.eap_reauth_period = hapd->conf->eap_reauth_period;
2566 conf.wpa = hapd->conf->wpa;
2568 conf.individual_wep_key_len = hapd->conf->individual_wep_key_len;
2570 conf.eap_req_id_text = hapd->conf->eap_req_id_text;
2571 conf.eap_req_id_text_len = hapd->conf->eap_req_id_text_len;
2572 conf.erp_send_reauth_start = hapd->conf->erp_send_reauth_start;
2573 conf.erp_domain = hapd->conf->erp_domain;
2575 conf.eap_skip_prot_success = hapd->conf->eap_skip_prot_success;
2596 hapd->eapol_auth = eapol_auth_init(&conf, &cb);
2597 if (!hapd->eapol_auth)
2600 if ((hapd->conf->ieee802_1x || hapd->conf->wpa) &&
2601 hostapd_set_drv_ieee8021x(hapd, hapd->conf->iface, 1))
2605 if (radius_client_register(hapd->radius, RADIUS_AUTH,
2606 ieee802_1x_receive_auth, hapd))
2611 if (hapd->conf->default_wep_key_len) {
2615 hostapd_drv_set_key(hapd->conf->iface, hapd,
2619 ieee802_1x_rekey(hapd, NULL);
2621 if (!hapd->eapol_auth->default_wep_key)
2630 void ieee802_1x_erp_flush(struct hostapd_data *hapd)
2634 while ((erp = dl_list_first(&hapd->erp_keys, struct eap_server_erp_key,
2642 void ieee802_1x_deinit(struct hostapd_data *hapd)
2645 if (!hostapd_mld_is_first_bss(hapd)) {
2649 hapd->eapol_auth = NULL;
2655 eloop_cancel_timeout(ieee802_1x_rekey, hapd, NULL);
2658 if (hapd->driver && hapd->drv_priv &&
2659 (hapd->conf->ieee802_1x || hapd->conf->wpa))
2660 hostapd_set_drv_ieee8021x(hapd, hapd->conf->iface, 0);
2662 eapol_auth_deinit(hapd->eapol_auth);
2663 hapd->eapol_auth = NULL;
2665 ieee802_1x_erp_flush(hapd);
2669 int ieee802_1x_tx_status(struct hostapd_data *hapd, struct sta_info *sta,
2691 return ieee802_1x_eapol_tx_status(hapd, sta, pos, buf + len - pos,
2696 int ieee802_1x_eapol_tx_status(struct hostapd_data *hapd, struct sta_info *sta,
2714 ap_sta_pending_delayed_1x_auth_fail_disconnect(hapd, sta)) {
2717 hostapd_wps_eap_completed(hapd);
2730 wpa_auth_eapol_key_tx_status(hapd->wpa_auth,
2741 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
2852 int ieee802_1x_get_mib(struct hostapd_data *hapd, char *buf, size_t buflen)
2859 int ieee802_1x_get_mib_sta(struct hostapd_data *hapd, struct sta_info *sta,
3041 struct hostapd_data *hapd = eloop_ctx;
3048 hs20_send_wnm_notification(hapd, sta->addr,
3059 hs20_send_wnm_notification_deauth_req(hapd, sta->addr,
3067 hs20_send_wnm_notification_t_c(hapd, sta->addr, sta->t_c_url);
3075 static bool ieee802_1x_finished(struct hostapd_data *hapd,
3091 os_strdup(hapd->conf->subscr_remediation_url);
3099 eloop_cancel_timeout(ieee802_1x_wnm_notif_send, hapd, sta);
3101 hapd, sta);
3106 ieee802_1x_notify_create_actor_hapd(hapd, sta);
3121 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_WPA,
3137 ap_sta_delayed_1x_auth_fail_disconnect(hapd, sta,