@@ -360,6 +360,7 @@ static u8 * hostapd_add_csa_elems(struct hostapd_data *hapd, u8 *pos,
static u8 * hostapd_gen_probe_resp(struct hostapd_data *hapd,
+ struct sta_info *sta,
const struct ieee80211_mgmt *req,
int is_p2p, size_t *resp_len)
{
@@ -401,7 +402,7 @@ static u8 * hostapd_gen_probe_resp(struct hostapd_data *hapd,
/* hardware or low-level driver will setup seq_ctrl and timestamp */
resp->u.probe_resp.capab_info =
- host_to_le16(hostapd_own_capab_info(hapd));
+ host_to_le16(hostapd_own_capab_info(hapd, sta, 1));
pos = resp->u.probe_resp.variable;
*pos++ = WLAN_EID_SSID;
@@ -547,6 +548,7 @@ void handle_probe_req(struct hostapd_data *hapd,
struct ieee802_11_elems elems;
const u8 *ie;
size_t ie_len;
+ struct sta_info *sta = NULL;
size_t i, resp_len;
int noack;
enum ssid_match_result res;
@@ -633,6 +635,8 @@ void handle_probe_req(struct hostapd_data *hapd,
return;
}
+ sta = ap_get_sta(hapd, mgmt->sa);
+
#ifdef CONFIG_P2P
if ((hapd->conf->p2p & P2P_GROUP_OWNER) &&
elems.ssid_len == P2P_WILDCARD_SSID_LEN &&
@@ -645,7 +649,10 @@ void handle_probe_req(struct hostapd_data *hapd,
res = ssid_match(hapd, elems.ssid, elems.ssid_len,
elems.ssid_list, elems.ssid_list_len);
- if (res == NO_SSID_MATCH) {
+ if (res != NO_SSID_MATCH) {
+ if (sta)
+ sta->ssid_probe = &hapd->conf->ssid;
+ } else {
if (!(mgmt->da[0] & 0x01)) {
wpa_printf(MSG_MSGDUMP, "Probe Request from " MACSTR
" for foreign SSID '%s' (DA " MACSTR ")%s",
@@ -712,7 +719,7 @@ void handle_probe_req(struct hostapd_data *hapd,
}
#endif /* CONFIG_TESTING_OPTIONS */
- resp = hostapd_gen_probe_resp(hapd, mgmt, elems.p2p != NULL,
+ resp = hostapd_gen_probe_resp(hapd, sta, mgmt, elems.p2p != NULL,
&resp_len);
if (resp == NULL)
return;
@@ -767,7 +774,7 @@ static u8 * hostapd_probe_resp_offloads(struct hostapd_data *hapd,
"this");
/* Generate a Probe Response template for the non-P2P case */
- return hostapd_gen_probe_resp(hapd, NULL, 0, resp_len);
+ return hostapd_gen_probe_resp(hapd, NULL, NULL, 0, resp_len);
}
#endif /* NEED_AP_MLME */
@@ -826,7 +833,7 @@ int ieee802_11_build_ap_params(struct hostapd_data *hapd,
host_to_le16(hapd->iconf->beacon_int);
/* hardware or low-level driver will setup seq_ctrl and timestamp */
- capab_info = hostapd_own_capab_info(hapd);
+ capab_info = hostapd_own_capab_info(hapd, NULL, 0);
head->u.beacon.capab_info = host_to_le16(capab_info);
pos = &head->u.beacon.variable[0];
@@ -132,7 +132,8 @@ u8 * hostapd_eid_ext_supp_rates(struct hostapd_data *hapd, u8 *eid)
}
-u16 hostapd_own_capab_info(struct hostapd_data *hapd)
+u16 hostapd_own_capab_info(struct hostapd_data *hapd, struct sta_info *sta,
+ int probe)
{
int capab = WLAN_CAPABILITY_ESS;
int privacy;
@@ -165,6 +166,20 @@ u16 hostapd_own_capab_info(struct hostapd_data *hapd)
privacy = 1;
#endif /* CONFIG_HS20 */
+ if (sta) {
+ int policy, def_klen;
+ if (probe && sta->ssid_probe) {
+ policy = sta->ssid_probe->security_policy;
+ def_klen = sta->ssid_probe->wep.default_len;
+ } else {
+ policy = sta->ssid->security_policy;
+ def_klen = sta->ssid->wep.default_len;
+ }
+ privacy = policy != SECURITY_PLAINTEXT;
+ if (policy == SECURITY_IEEE_802_1X && def_klen == 0)
+ privacy = 0;
+ }
+
if (privacy)
capab |= WLAN_CAPABILITY_PRIVACY;
@@ -1577,7 +1592,7 @@ static void send_assoc_resp(struct hostapd_data *hapd, struct sta_info *sta,
send_len = IEEE80211_HDRLEN;
send_len += sizeof(reply->u.assoc_resp);
reply->u.assoc_resp.capab_info =
- host_to_le16(hostapd_own_capab_info(hapd));
+ host_to_le16(hostapd_own_capab_info(hapd, sta, 0));
reply->u.assoc_resp.status_code = host_to_le16(status_code);
reply->u.assoc_resp.aid = host_to_le16(sta->aid | BIT(14) | BIT(15));
/* Supported rates */
@@ -2318,7 +2333,7 @@ static void hostapd_set_wds_encryption(struct hostapd_data *hapd,
char *ifname_wds)
{
int i;
- struct hostapd_ssid *ssid = &hapd->conf->ssid;
+ struct hostapd_ssid *ssid = sta->ssid;
if (hapd->conf->ieee802_1x || hapd->conf->wpa)
return;
@@ -41,7 +41,8 @@ static inline int ieee802_11_get_mib_sta(struct hostapd_data *hapd,
return 0;
}
#endif /* NEED_AP_MLME */
-u16 hostapd_own_capab_info(struct hostapd_data *hapd);
+u16 hostapd_own_capab_info(struct hostapd_data *hapd, struct sta_info *sta,
+ int probe);
void ap_ht2040_timeout(void *eloop_data, void *user_data);
u8 * hostapd_eid_ext_capab(struct hostapd_data *hapd, u8 *eid);
u8 * hostapd_eid_qos_map_set(struct hostapd_data *hapd, u8 *eid);
@@ -1652,7 +1652,7 @@ ieee802_1x_receive_auth(struct radius_msg *msg, struct radius_msg *req,
switch (hdr->code) {
case RADIUS_CODE_ACCESS_ACCEPT:
- if (hapd->conf->ssid.dynamic_vlan == DYNAMIC_VLAN_DISABLED)
+ if (sta->ssid->dynamic_vlan == DYNAMIC_VLAN_DISABLED)
vlan_id = 0;
#ifndef CONFIG_NO_VLAN
else
@@ -1671,8 +1671,7 @@ ieee802_1x_receive_auth(struct radius_msg *msg, struct radius_msg *req,
"Invalid VLAN ID %d received from RADIUS server",
vlan_id);
break;
- } else if (hapd->conf->ssid.dynamic_vlan ==
- DYNAMIC_VLAN_REQUIRED) {
+ } else if (sta->ssid->dynamic_vlan == DYNAMIC_VLAN_REQUIRED) {
sta->eapol_sm->authFail = TRUE;
hostapd_logger(hapd, sta->addr,
HOSTAPD_MODULE_IEEE8021X,
@@ -632,6 +632,7 @@ struct sta_info * ap_sta_add(struct hostapd_data *hapd, const u8 *addr)
hapd->sta_list = sta;
hapd->num_sta++;
ap_sta_hash_add(hapd, sta);
+ sta->ssid = &hapd->conf->ssid;
ap_sta_remove_in_other_bss(hapd, sta);
sta->last_seq_ctrl = WLAN_INVALID_MGMT_SEQ;
dl_list_init(&sta->ip6addr);
@@ -789,10 +790,10 @@ int ap_sta_bind_vlan(struct hostapd_data *hapd, struct sta_info *sta)
int old_vlanid = sta->vlan_id_bound;
iface = hapd->conf->iface;
- if (hapd->conf->ssid.vlan[0])
- iface = hapd->conf->ssid.vlan;
+ if (sta->ssid->vlan[0])
+ iface = sta->ssid->vlan;
- if (hapd->conf->ssid.dynamic_vlan == DYNAMIC_VLAN_DISABLED)
+ if (sta->ssid->dynamic_vlan == DYNAMIC_VLAN_DISABLED)
sta->vlan_id = 0;
else if (sta->vlan_id > 0) {
struct hostapd_vlan *wildcard_vlan = NULL;
@@ -838,7 +839,7 @@ int ap_sta_bind_vlan(struct hostapd_data *hapd, struct sta_info *sta)
}
iface = vlan->ifname;
- if (vlan_setup_encryption_dyn(hapd, iface) != 0) {
+ if (vlan_setup_encryption_dyn(hapd, sta->ssid, iface) != 0) {
hostapd_logger(hapd, sta->addr,
HOSTAPD_MODULE_IEEE80211,
HOSTAPD_LEVEL_DEBUG, "could not "
@@ -865,7 +866,7 @@ int ap_sta_bind_vlan(struct hostapd_data *hapd, struct sta_info *sta)
* configuration for the case where hostapd did not yet know
* which keys are to be used when the interface was added.
*/
- if (vlan_setup_encryption_dyn(hapd, iface) != 0) {
+ if (vlan_setup_encryption_dyn(hapd, sta->ssid, iface) != 0) {
hostapd_logger(hapd, sta->addr,
HOSTAPD_MODULE_IEEE80211,
HOSTAPD_LEVEL_DEBUG, "could not "
@@ -117,6 +117,9 @@ struct sta_info {
struct wpa_state_machine *wpa_sm;
struct rsn_preauth_interface *preauth_iface;
+ struct hostapd_ssid *ssid; /* SSID selection based on (Re)AssocReq */
+ struct hostapd_ssid *ssid_probe; /* SSID selection based on ProbeReq */
+
int vlan_id; /* 0: none, >0: VID */
int vlan_id_bound; /* updated by ap_sta_bind_vlan() */
/* PSKs from RADIUS authentication server */
@@ -784,7 +784,8 @@ static void full_dynamic_vlan_deinit(struct full_dynamic_vlan *priv)
#endif /* CONFIG_FULL_DYNAMIC_VLAN */
-int vlan_setup_encryption_dyn(struct hostapd_data *hapd, const char *dyn_vlan)
+int vlan_setup_encryption_dyn(struct hostapd_data *hapd,
+ struct hostapd_ssid *mssid, const char *dyn_vlan)
{
int i;
@@ -794,11 +795,10 @@ int vlan_setup_encryption_dyn(struct hostapd_data *hapd, const char *dyn_vlan)
/* Static WEP keys are set here; IEEE 802.1X and WPA uses their own
* functions for setting up dynamic broadcast keys. */
for (i = 0; i < 4; i++) {
- if (hapd->conf->ssid.wep.key[i] &&
+ if (mssid->wep.key[i] &&
hostapd_drv_set_key(dyn_vlan, hapd, WPA_ALG_WEP, NULL, i,
- i == hapd->conf->ssid.wep.idx, NULL, 0,
- hapd->conf->ssid.wep.key[i],
- hapd->conf->ssid.wep.len[i]))
+ i == mssid->wep.idx, NULL, 0,
+ mssid->wep.key[i], mssid->wep.len[i]))
{
wpa_printf(MSG_ERROR, "VLAN: Could not set WEP "
"encryption for dynamic VLAN");
@@ -18,6 +18,7 @@ struct hostapd_vlan * vlan_add_dynamic(struct hostapd_data *hapd,
int vlan_id);
int vlan_remove_dynamic(struct hostapd_data *hapd, int vlan_id);
int vlan_setup_encryption_dyn(struct hostapd_data *hapd,
+ struct hostapd_ssid *mssid,
const char *dyn_vlan);
#else /* CONFIG_NO_VLAN */
static inline int vlan_init(struct hostapd_data *hapd)
@@ -42,6 +43,7 @@ static inline int vlan_remove_dynamic(struct hostapd_data *hapd, int vlan_id)
}
static inline int vlan_setup_encryption_dyn(struct hostapd_data *hapd,
+ struct hostapd_ssid *mssid,
const char *dyn_vlan)
{
return -1;
This reverts commit f41ded6fa4032976b01634ed3946762cb1f383a6. Signed-off-by: Stefan Tomanek <stefan.tomanek@wertarbyte.de> --- src/ap/beacon.c | 17 ++++++++++++----- src/ap/ieee802_11.c | 21 ++++++++++++++++++--- src/ap/ieee802_11.h | 3 ++- src/ap/ieee802_1x.c | 5 ++--- src/ap/sta_info.c | 11 ++++++----- src/ap/sta_info.h | 3 +++ src/ap/vlan_init.c | 10 +++++----- src/ap/vlan_init.h | 2 ++ 8 files changed, 50 insertions(+), 22 deletions(-)