static void hostapd_deauth_all_stas(hostapd *hapd) { u8 addr[ETH_ALEN]; memset(addr, 0xff, ETH_ALEN); ieee802_11_send_deauth(hapd, addr, WLAN_REASON_PREV_AUTH_NOT_VALID); }
static void ieee80211_tkip_countermeasures_start(struct hostapd_data *hapd) { struct sta_info *sta; hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_INFO, "TKIP countermeasures initiated"); hapd->tkip_countermeasures = 1; wpa_gtk_rekey(hapd); eloop_cancel_timeout(ieee80211_tkip_countermeasures_stop, hapd, NULL); eloop_register_timeout(60, 0, ieee80211_tkip_countermeasures_stop, hapd, NULL); for (sta = hapd->sta_list; sta != NULL; sta = sta->next) { ieee802_11_send_deauth(hapd, sta->addr, WLAN_REASON_MICHAEL_MIC_FAILURE); sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC | WLAN_STA_AUTHORIZED); remove_sta(hapd->driver.data, sta->addr); } }
static void handle_data(hostapd *hapd, char *buf, size_t len, u16 stype) { struct ieee80211_hdr *hdr; u16 fc, ethertype; u8 *pos, *sa; size_t left; struct sta_info *sta; if (len < sizeof(struct ieee80211_hdr)) return; hdr = (struct ieee80211_hdr *) buf; fc = le_to_host16(hdr->frame_control); if ((fc & (WLAN_FC_FROMDS | WLAN_FC_TODS)) != WLAN_FC_TODS) { printf("Not ToDS data frame (fc=0x%04x)\n", fc); return; } sa = hdr->addr2; sta = ap_get_sta(hapd, sa); if (!sta || !(sta->flags & WLAN_STA_ASSOC)) { printf("Data frame from not associated STA " MACSTR "\n", MAC2STR(sa)); if (sta && (sta->flags & WLAN_STA_AUTH)) ieee802_11_send_disassoc( hapd, sa, WLAN_REASON_CLASS3_FRAME_FROM_NONASSOC_STA); else ieee802_11_send_deauth( hapd, sa, WLAN_REASON_CLASS3_FRAME_FROM_NONASSOC_STA); return; } pos = (u8 *) (hdr + 1); left = len - sizeof(*hdr); if (left < sizeof(rfc1042_header)) { printf("Too short data frame\n"); return; } if (memcmp(pos, rfc1042_header, sizeof(rfc1042_header)) != 0) { printf("Data frame with no RFC1042 header\n"); return; } pos += sizeof(rfc1042_header); left -= sizeof(rfc1042_header); if (left < 2) { printf("No ethertype in data frame\n"); return; } ethertype = *pos++ << 8; ethertype |= *pos++; left -= 2; switch (ethertype) { case ETH_P_PAE: if (hapd->conf->ieee802_1x) ieee802_1x_receive(hapd, sa, pos, left); else printf("IEEE 802.1X is not configured to be used - " "dropping packet\n"); break; default: printf("Unknown ethertype 0x%04x in data frame\n", ethertype); break; } }
static int hostapd_config_reload_sta(struct hostapd_data *hapd, struct sta_info *sta, void *data) { struct hostapd_config_change *change = data; struct hostapd_bss_config *newbss, *oldbss; int deauth = 0; u8 reason = WLAN_REASON_PREV_AUTH_NOT_VALID; newbss = change->newbss; oldbss = change->oldbss; hapd = change->hapd; if (sta->ssid == &oldbss->ssid) { sta->ssid = &newbss->ssid; if (newbss->ssid.ssid_len != oldbss->ssid.ssid_len || memcmp(newbss->ssid.ssid, oldbss->ssid.ssid, newbss->ssid.ssid_len) != 0) { /* main SSID was changed - kick STA out */ deauth++; } } sta->ssid_probe = sta->ssid; /* * If MAC ACL configuration has changed, deauthenticate stations that * have been removed from accepted list or have been added to denied * list. If external RADIUS server is used for ACL, all stations are * deauthenticated and they will need to authenticate again. This * limits sudden load on the RADIUS server since the verification will * be done over the time needed for the STAs to reauthenticate * themselves. */ if (change->mac_acl_changed && (newbss->macaddr_acl == USE_EXTERNAL_RADIUS_AUTH || !hostapd_allowed_address(hapd, sta->addr, NULL, 0, NULL, NULL, NULL))) deauth++; if (newbss->ieee802_1x != oldbss->ieee802_1x && sta->ssid == &hapd->conf->ssid) deauth++; if (newbss->wpa != oldbss->wpa) deauth++; if (!newbss->wme_enabled && (sta->flags & WLAN_STA_WME)) deauth++; if (newbss->auth_algs != oldbss->auth_algs && ((sta->auth_alg == WLAN_AUTH_OPEN && !(newbss->auth_algs & HOSTAPD_AUTH_OPEN)) || (sta->auth_alg == WLAN_AUTH_SHARED_KEY && !(newbss->auth_algs & HOSTAPD_AUTH_SHARED_KEY)))) deauth++; if (change->num_sta_remove > 0) { deauth++; reason = WLAN_REASON_DISASSOC_AP_BUSY; } if (deauth) { HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL, "STA " MACSTR " deauthenticated during config reloading " "(reason=%d)\n", MAC2STR(sta->addr), reason); ieee802_11_send_deauth(hapd, sta->addr, reason); ap_sta_deauthenticate(hapd, sta, reason); change->num_sta_remove--; } return 0; }