3 * Copyright (c) 2002-2003, Jouni Malinen <j@w1.fi>
4 * Copyright (c) 2003-2004, Instant802 Networks, Inc.
5 * Copyright (c) 2006, Devicescape Software, Inc.
6 * Copyright (c) 2007-2008, Intel Corporation
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License version 2 as
10 * published by the Free Software Foundation.
12 * Alternatively, this software may be distributed under the terms of BSD
15 * See README and COPYING for more details.
21 #include "ieee802_11.h"
25 #include "hw_features.h"
30 struct ieee80211_frame_info {
46 /* Note: this structure is otherwise identical to capture format used
47 * in linux-wlan-ng, but this additional field is used to provide meta
48 * data about the frame to hostapd. This was the easiest method for
49 * providing this information, but this might change in the future. */
51 } __attribute__ ((packed));
54 enum ieee80211_phytype {
55 ieee80211_phytype_fhss_dot11_97 = 1,
56 ieee80211_phytype_dsss_dot11_97 = 2,
57 ieee80211_phytype_irbaseband = 3,
58 ieee80211_phytype_dsss_dot11_b = 4,
59 ieee80211_phytype_pbcc_dot11_b = 5,
60 ieee80211_phytype_ofdm_dot11_g = 6,
61 ieee80211_phytype_pbcc_dot11_g = 7,
62 ieee80211_phytype_ofdm_dot11_a = 8,
63 ieee80211_phytype_dsss_dot11_turbog = 255,
64 ieee80211_phytype_dsss_dot11_turbo = 256,
68 /* AP list is a double linked list with head->prev pointing to the end of the
69 * list and tail->next = NULL. Entries are moved to the head of the list
70 * whenever a beacon has been received from the AP in question. The tail entry
71 * in this link will thus be the least recently used entry. */
74 static void ap_list_new_ap(struct hostapd_iface *iface, struct ap_info *ap)
76 wpa_printf(MSG_DEBUG, "New AP detected: " MACSTR, MAC2STR(ap->addr));
78 /* TODO: could send a notification message to an external program that
79 * would then determine whether a rogue AP has been detected */
83 static void ap_list_expired_ap(struct hostapd_iface *iface, struct ap_info *ap)
85 wpa_printf(MSG_DEBUG, "AP info expired: " MACSTR, MAC2STR(ap->addr));
87 /* TODO: could send a notification message to an external program */
91 static int ap_list_beacon_olbc(struct hostapd_iface *iface, struct ap_info *ap)
95 if (iface->current_mode->mode != HOSTAPD_MODE_IEEE80211G ||
96 ap->phytype != ieee80211_phytype_pbcc_dot11_g ||
97 iface->conf->channel != ap->channel)
100 if (ap->erp != -1 && (ap->erp & ERP_INFO_NON_ERP_PRESENT))
103 for (i = 0; i < WLAN_SUPP_RATES_MAX; i++) {
104 int rate = (ap->supported_rates[i] & 0x7f) * 5;
105 if (rate == 60 || rate == 90 || rate > 110)
113 #ifdef CONFIG_IEEE80211N
114 static int ap_list_beacon_olbc_ht(struct hostapd_iface *iface,
117 return !ap->ht_support;
119 #endif /* CONFIG_IEEE80211N */
122 struct ap_info * ap_get_ap(struct hostapd_iface *iface, u8 *ap)
126 s = iface->ap_hash[STA_HASH(ap)];
127 while (s != NULL && os_memcmp(s->addr, ap, ETH_ALEN) != 0)
133 static void ap_ap_list_add(struct hostapd_iface *iface, struct ap_info *ap)
135 if (iface->ap_list) {
136 ap->prev = iface->ap_list->prev;
137 iface->ap_list->prev = ap;
140 ap->next = iface->ap_list;
145 static void ap_ap_list_del(struct hostapd_iface *iface, struct ap_info *ap)
147 if (iface->ap_list == ap)
148 iface->ap_list = ap->next;
150 ap->prev->next = ap->next;
153 ap->next->prev = ap->prev;
154 else if (iface->ap_list)
155 iface->ap_list->prev = ap->prev;
159 static void ap_ap_iter_list_add(struct hostapd_iface *iface,
162 if (iface->ap_iter_list) {
163 ap->iter_prev = iface->ap_iter_list->iter_prev;
164 iface->ap_iter_list->iter_prev = ap;
167 ap->iter_next = iface->ap_iter_list;
168 iface->ap_iter_list = ap;
172 static void ap_ap_iter_list_del(struct hostapd_iface *iface,
175 if (iface->ap_iter_list == ap)
176 iface->ap_iter_list = ap->iter_next;
178 ap->iter_prev->iter_next = ap->iter_next;
181 ap->iter_next->iter_prev = ap->iter_prev;
182 else if (iface->ap_iter_list)
183 iface->ap_iter_list->iter_prev = ap->iter_prev;
187 static void ap_ap_hash_add(struct hostapd_iface *iface, struct ap_info *ap)
189 ap->hnext = iface->ap_hash[STA_HASH(ap->addr)];
190 iface->ap_hash[STA_HASH(ap->addr)] = ap;
194 static void ap_ap_hash_del(struct hostapd_iface *iface, struct ap_info *ap)
198 s = iface->ap_hash[STA_HASH(ap->addr)];
199 if (s == NULL) return;
200 if (os_memcmp(s->addr, ap->addr, ETH_ALEN) == 0) {
201 iface->ap_hash[STA_HASH(ap->addr)] = s->hnext;
205 while (s->hnext != NULL &&
206 os_memcmp(s->hnext->addr, ap->addr, ETH_ALEN) != 0)
208 if (s->hnext != NULL)
209 s->hnext = s->hnext->hnext;
211 printf("AP: could not remove AP " MACSTR " from hash table\n",
216 static void ap_free_ap(struct hostapd_iface *iface, struct ap_info *ap)
218 ap_ap_hash_del(iface, ap);
219 ap_ap_list_del(iface, ap);
220 ap_ap_iter_list_del(iface, ap);
227 static void hostapd_free_aps(struct hostapd_iface *iface)
229 struct ap_info *ap, *prev;
236 ap_free_ap(iface, prev);
239 iface->ap_list = NULL;
243 int ap_ap_for_each(struct hostapd_iface *iface,
244 int (*func)(struct ap_info *s, void *data), void *data)
262 static struct ap_info * ap_ap_add(struct hostapd_iface *iface, u8 *addr)
266 ap = os_zalloc(sizeof(struct ap_info));
270 /* initialize AP info data */
271 os_memcpy(ap->addr, addr, ETH_ALEN);
272 ap_ap_list_add(iface, ap);
274 ap_ap_hash_add(iface, ap);
275 ap_ap_iter_list_add(iface, ap);
277 if (iface->num_ap > iface->conf->ap_table_max_size && ap != ap->prev) {
278 wpa_printf(MSG_DEBUG, "Removing the least recently used AP "
279 MACSTR " from AP table", MAC2STR(ap->prev->addr));
280 if (iface->conf->passive_scan_interval > 0)
281 ap_list_expired_ap(iface, ap->prev);
282 ap_free_ap(iface, ap->prev);
289 void ap_list_process_beacon(struct hostapd_iface *iface,
290 struct ieee80211_mgmt *mgmt,
291 struct ieee802_11_elems *elems,
292 struct hostapd_frame_info *fi)
299 if (iface->conf->ap_table_max_size < 1)
302 ap = ap_get_ap(iface, mgmt->bssid);
304 ap = ap_ap_add(iface, mgmt->bssid);
306 printf("Failed to allocate AP information entry\n");
312 ap->beacon_int = le_to_host16(mgmt->u.beacon.beacon_int);
313 ap->capability = le_to_host16(mgmt->u.beacon.capab_info);
316 len = elems->ssid_len;
317 if (len >= sizeof(ap->ssid))
318 len = sizeof(ap->ssid) - 1;
319 os_memcpy(ap->ssid, elems->ssid, len);
320 ap->ssid[len] = '\0';
324 os_memset(ap->supported_rates, 0, WLAN_SUPP_RATES_MAX);
326 if (elems->supp_rates) {
327 len = elems->supp_rates_len;
328 if (len > WLAN_SUPP_RATES_MAX)
329 len = WLAN_SUPP_RATES_MAX;
330 os_memcpy(ap->supported_rates, elems->supp_rates, len);
332 if (elems->ext_supp_rates) {
334 if (len + elems->ext_supp_rates_len > WLAN_SUPP_RATES_MAX)
335 len2 = WLAN_SUPP_RATES_MAX - len;
337 len2 = elems->ext_supp_rates_len;
338 os_memcpy(ap->supported_rates + len, elems->ext_supp_rates,
342 ap->wpa = elems->wpa_ie != NULL;
344 if (elems->erp_info && elems->erp_info_len == 1)
345 ap->erp = elems->erp_info[0];
349 if (elems->ds_params && elems->ds_params_len == 1)
350 ap->channel = elems->ds_params[0];
352 ap->channel = fi->channel;
354 if (elems->ht_capabilities)
360 time(&ap->last_beacon);
362 ap->phytype = fi->phytype;
363 ap->ssi_signal = fi->ssi_signal;
364 ap->datarate = fi->datarate;
368 if (iface->conf->passive_scan_interval > 0)
369 ap_list_new_ap(iface, ap);
370 } else if (ap != iface->ap_list) {
371 /* move AP entry into the beginning of the list so that the
372 * oldest entry is always in the end of the list */
373 ap_ap_list_del(iface, ap);
374 ap_ap_list_add(iface, ap);
378 ap_list_beacon_olbc(iface, ap)) {
380 wpa_printf(MSG_DEBUG, "OLBC AP detected: " MACSTR " - enable "
381 "protection", MAC2STR(ap->addr));
385 #ifdef CONFIG_IEEE80211N
386 if (!iface->olbc_ht && ap_list_beacon_olbc_ht(iface, ap)) {
388 hostapd_ht_operation_update(iface);
389 wpa_printf(MSG_DEBUG, "OLBC HT AP detected: " MACSTR
390 " - enable protection", MAC2STR(ap->addr));
393 #endif /* CONFIG_IEEE80211N */
396 ieee802_11_set_beacons(iface);
400 static void ap_list_timer(void *eloop_ctx, void *timeout_ctx)
402 struct hostapd_iface *iface = eloop_ctx;
407 eloop_register_timeout(10, 0, ap_list_timer, iface, NULL);
414 /* FIX: it looks like jkm-Purina ended up in busy loop in this
415 * function. Apparently, something can still cause a loop in the AP
418 while (iface->ap_list) {
419 ap = iface->ap_list->prev;
420 if (ap->last_beacon + iface->conf->ap_table_expiration_time >=
424 if (iface->conf->passive_scan_interval > 0)
425 ap_list_expired_ap(iface, ap);
426 ap_free_ap(iface, ap);
429 if (iface->olbc || iface->olbc_ht) {
434 while (ap && (olbc == 0 || olbc_ht == 0)) {
435 if (ap_list_beacon_olbc(iface, ap))
437 #ifdef CONFIG_IEEE80211N
438 if (ap_list_beacon_olbc_ht(iface, ap))
440 #endif /* CONFIG_IEEE80211N */
443 if (!olbc && iface->olbc) {
444 wpa_printf(MSG_DEBUG, "OLBC not detected anymore");
448 #ifdef CONFIG_IEEE80211N
449 if (!olbc_ht && iface->olbc_ht) {
450 wpa_printf(MSG_DEBUG, "OLBC HT not detected anymore");
452 hostapd_ht_operation_update(iface);
455 #endif /* CONFIG_IEEE80211N */
459 ieee802_11_set_beacons(iface);
463 int ap_list_init(struct hostapd_iface *iface)
465 eloop_register_timeout(10, 0, ap_list_timer, iface, NULL);
470 void ap_list_deinit(struct hostapd_iface *iface)
472 eloop_cancel_timeout(ap_list_timer, iface, NULL);
473 hostapd_free_aps(iface);
477 int ap_list_reconfig(struct hostapd_iface *iface,
478 struct hostapd_config *oldconf)
483 if (iface->conf->ap_table_max_size == oldconf->ap_table_max_size &&
484 iface->conf->ap_table_expiration_time ==
485 oldconf->ap_table_expiration_time)
490 while (iface->ap_list) {
491 ap = iface->ap_list->prev;
492 if (iface->num_ap <= iface->conf->ap_table_max_size &&
493 ap->last_beacon + iface->conf->ap_table_expiration_time >=
497 if (iface->conf->passive_scan_interval > 0)
498 ap_list_expired_ap(iface, iface->ap_list->prev);
499 ap_free_ap(iface, iface->ap_list->prev);