int ap_sta_bind_vlan(struct hostapd_data *hapd, struct sta_info *sta) { #ifndef CONFIG_NO_VLAN const char *iface; struct hostapd_vlan *vlan = NULL; int ret; int old_vlanid = sta->vlan_id_bound; iface = hapd->conf->iface; if (hapd->conf->ssid.vlan[0]) iface = hapd->conf->ssid.vlan; if (hapd->conf->ssid.dynamic_vlan == DYNAMIC_VLAN_DISABLED) sta->vlan_id = 0; else if (sta->vlan_id > 0) { struct hostapd_vlan *wildcard_vlan = NULL; vlan = hapd->conf->vlan; while (vlan) { if (vlan->vlan_id == sta->vlan_id) break; if (vlan->vlan_id == VLAN_ID_WILDCARD) wildcard_vlan = vlan; vlan = vlan->next; } if (!vlan) vlan = wildcard_vlan; if (vlan) iface = vlan->ifname; } /* * Do not increment ref counters if the VLAN ID remains same, but do * not skip hostapd_drv_set_sta_vlan() as hostapd_drv_sta_remove() might * have been called before. */ if (sta->vlan_id == old_vlanid) goto skip_counting; if (sta->vlan_id > 0 && vlan == NULL) { hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_DEBUG, "could not find VLAN for " "binding station to (vlan_id=%d)", sta->vlan_id); ret = -1; goto done; } else if (sta->vlan_id > 0 && vlan->vlan_id == VLAN_ID_WILDCARD) { vlan = vlan_add_dynamic(hapd, vlan, sta->vlan_id); if (vlan == NULL) { hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_DEBUG, "could not add " "dynamic VLAN interface for vlan_id=%d", sta->vlan_id); ret = -1; goto done; } iface = vlan->ifname; if (vlan_setup_encryption_dyn(hapd, iface) != 0) { hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_DEBUG, "could not " "configure encryption for dynamic VLAN " "interface for vlan_id=%d", sta->vlan_id); } hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_DEBUG, "added new dynamic VLAN " "interface '%s'", iface); } else if (vlan && vlan->vlan_id == sta->vlan_id) { if (vlan->dynamic_vlan > 0) { vlan->dynamic_vlan++; hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_DEBUG, "updated existing " "dynamic VLAN interface '%s'", iface); } /* * Update encryption configuration for statically generated * VLAN interface. This is only used for static WEP * configuration for the case where hostapd did not yet know * which keys are to be used when the interface was added. */ if (vlan_setup_encryption_dyn(hapd, iface) != 0) { hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_DEBUG, "could not " "configure encryption for VLAN " "interface for vlan_id=%d", sta->vlan_id); } } /* ref counters have been increased, so mark the station */ sta->vlan_id_bound = sta->vlan_id; skip_counting: hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_DEBUG, "binding station to interface " "'%s'", iface); if (wpa_auth_sta_set_vlan(sta->wpa_sm, sta->vlan_id) < 0) wpa_printf(MSG_INFO, "Failed to update VLAN-ID for WPA"); ret = hostapd_drv_set_sta_vlan(iface, hapd, sta->addr, sta->vlan_id); if (ret < 0) { hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_DEBUG, "could not bind the STA " "entry to vlan_id=%d", sta->vlan_id); } /* During 1x reauth, if the vlan id changes, then remove the old id. */ if (old_vlanid > 0 && old_vlanid != sta->vlan_id) vlan_remove_dynamic(hapd, old_vlanid); done: return ret; #else /* CONFIG_NO_VLAN */ return 0; #endif /* CONFIG_NO_VLAN */ }
int ap_sta_bind_vlan(struct hostapd_data *hapd, struct sta_info *sta, int old_vlanid) { #ifndef CONFIG_NO_VLAN const char *iface; struct hostapd_vlan *vlan = NULL; int ret; /* * Do not proceed furthur if the vlan id remains same. We do not want * duplicate dynamic vlan entries. */ if (sta->vlan_id == old_vlanid) return 0; /* * During 1x reauth, if the vlan id changes, then remove the old id and * proceed furthur to add the new one. */ if (old_vlanid > 0) vlan_remove_dynamic(hapd, old_vlanid); iface = hapd->conf->iface; if (sta->ssid->vlan[0]) iface = sta->ssid->vlan; if (sta->ssid->dynamic_vlan == DYNAMIC_VLAN_DISABLED) sta->vlan_id = 0; else if (sta->vlan_id > 0) { vlan = hapd->conf->vlan; while (vlan) { if (vlan->vlan_id == sta->vlan_id || vlan->vlan_id == VLAN_ID_WILDCARD) { iface = vlan->ifname; break; } vlan = vlan->next; } } if (sta->vlan_id > 0 && vlan == NULL) { hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_DEBUG, "could not find VLAN for " "binding station to (vlan_id=%d)", sta->vlan_id); return -1; } else if (sta->vlan_id > 0 && vlan->vlan_id == VLAN_ID_WILDCARD) { vlan = vlan_add_dynamic(hapd, vlan, sta->vlan_id); if (vlan == NULL) { hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_DEBUG, "could not add " "dynamic VLAN interface for vlan_id=%d", sta->vlan_id); return -1; } iface = vlan->ifname; if (vlan_setup_encryption_dyn(hapd, sta->ssid, iface) != 0) { hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_DEBUG, "could not " "configure encryption for dynamic VLAN " "interface for vlan_id=%d", sta->vlan_id); } hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_DEBUG, "added new dynamic VLAN " "interface '%s'", iface); } else if (vlan && vlan->vlan_id == sta->vlan_id) { if (sta->vlan_id > 0) { vlan->dynamic_vlan++; hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_DEBUG, "updated existing " "dynamic VLAN interface '%s'", iface); } /* * Update encryption configuration for statically generated * VLAN interface. This is only used for static WEP * configuration for the case where hostapd did not yet know * which keys are to be used when the interface was added. */ if (vlan_setup_encryption_dyn(hapd, sta->ssid, iface) != 0) { hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_DEBUG, "could not " "configure encryption for VLAN " "interface for vlan_id=%d", sta->vlan_id); } } hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_DEBUG, "binding station to interface " "'%s'", iface); if (wpa_auth_sta_set_vlan(sta->wpa_sm, sta->vlan_id) < 0) wpa_printf(MSG_INFO, "Failed to update VLAN-ID for WPA"); ret = hostapd_drv_set_sta_vlan(iface, hapd, sta->addr, sta->vlan_id); if (ret < 0) { hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_DEBUG, "could not bind the STA " "entry to vlan_id=%d", sta->vlan_id); } return ret; #else /* CONFIG_NO_VLAN */ return 0; #endif /* CONFIG_NO_VLAN */ }
int ap_sta_set_vlan(struct hostapd_data *hapd, struct sta_info *sta, struct vlan_description *vlan_desc) { struct hostapd_vlan *vlan = NULL, *wildcard_vlan = NULL; int old_vlan_id, vlan_id = 0, ret = 0; if (hapd->conf->ssid.dynamic_vlan == DYNAMIC_VLAN_DISABLED) vlan_desc = NULL; /* Check if there is something to do */ if (hapd->conf->ssid.per_sta_vif && !sta->vlan_id) { /* This sta is lacking its own vif */ } else if (hapd->conf->ssid.dynamic_vlan == DYNAMIC_VLAN_DISABLED && !hapd->conf->ssid.per_sta_vif && sta->vlan_id) { /* sta->vlan_id needs to be reset */ } else if (!vlan_compare(vlan_desc, sta->vlan_desc)) { return 0; /* nothing to change */ } /* Now the real VLAN changed or the STA just needs its own vif */ if (hapd->conf->ssid.per_sta_vif) { /* Assign a new vif, always */ /* find a free vlan_id sufficiently big */ vlan_id = ap_sta_get_free_vlan_id(hapd); /* Get wildcard VLAN */ for (vlan = hapd->conf->vlan; vlan; vlan = vlan->next) { if (vlan->vlan_id == VLAN_ID_WILDCARD) break; } if (!vlan) { hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_DEBUG, "per_sta_vif missing wildcard"); vlan_id = 0; ret = -1; goto done; } } else if (vlan_desc && vlan_desc->notempty) { for (vlan = hapd->conf->vlan; vlan; vlan = vlan->next) { if (!vlan_compare(&vlan->vlan_desc, vlan_desc)) break; if (vlan->vlan_id == VLAN_ID_WILDCARD) wildcard_vlan = vlan; } if (vlan) { vlan_id = vlan->vlan_id; } else if (wildcard_vlan) { vlan = wildcard_vlan; vlan_id = vlan_desc->untagged; if (vlan_desc->tagged[0]) { /* Tagged VLAN configuration */ vlan_id = ap_sta_get_free_vlan_id(hapd); } } else { hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_DEBUG, "missing vlan and wildcard for vlan=%d%s", vlan_desc->untagged, vlan_desc->tagged[0] ? "+" : ""); vlan_id = 0; ret = -1; goto done; } } if (vlan && vlan->vlan_id == VLAN_ID_WILDCARD) { vlan = vlan_add_dynamic(hapd, vlan, vlan_id, vlan_desc); if (vlan == NULL) { hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_DEBUG, "could not add dynamic VLAN interface for vlan=%d%s", vlan_desc ? vlan_desc->untagged : -1, (vlan_desc && vlan_desc->tagged[0]) ? "+" : ""); vlan_id = 0; ret = -1; goto done; } hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_DEBUG, "added new dynamic VLAN interface '%s'", vlan->ifname); } else if (vlan && vlan->dynamic_vlan > 0) { vlan->dynamic_vlan++; hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_DEBUG, "updated existing dynamic VLAN interface '%s'", vlan->ifname); } done: old_vlan_id = sta->vlan_id; sta->vlan_id = vlan_id; sta->vlan_desc = vlan ? &vlan->vlan_desc : NULL; if (vlan_id != old_vlan_id && old_vlan_id) vlan_remove_dynamic(hapd, old_vlan_id); return ret; }