aboutsummaryrefslogtreecommitdiffstats
path: root/package/network/services
diff options
context:
space:
mode:
authorFelix Fietkau <nbd@nbd.name>2022-09-22 14:01:52 +0200
committerFelix Fietkau <nbd@nbd.name>2022-09-22 15:26:58 +0200
commit8cb995445a26ee124e40b8ef97cc0ddd9d10f82a (patch)
treeadabd7a67b580b1930e8fba4cad12aff1c15939b /package/network/services
parentf613c1368b5c4a5cdd9fb04607faa20ace2b7b74 (diff)
downloadupstream-8cb995445a26ee124e40b8ef97cc0ddd9d10f82a.tar.gz
upstream-8cb995445a26ee124e40b8ef97cc0ddd9d10f82a.tar.bz2
upstream-8cb995445a26ee124e40b8ef97cc0ddd9d10f82a.zip
hostapd: add ubus notification on sta authorized
Also include the station auth_type in the ubus and log message in order to detect, if clients used FT or FILS to associate Signed-off-by: Felix Fietkau <nbd@nbd.name>
Diffstat (limited to 'package/network/services')
-rw-r--r--package/network/services/hostapd/patches/600-ubus_support.patch58
-rw-r--r--package/network/services/hostapd/src/src/ap/ubus.c14
-rw-r--r--package/network/services/hostapd/src/src/ap/ubus.h9
3 files changed, 79 insertions, 2 deletions
diff --git a/package/network/services/hostapd/patches/600-ubus_support.patch b/package/network/services/hostapd/patches/600-ubus_support.patch
index 7c6c5e3814..521e7df82e 100644
--- a/package/network/services/hostapd/patches/600-ubus_support.patch
+++ b/package/network/services/hostapd/patches/600-ubus_support.patch
@@ -250,8 +250,62 @@
ap_free_sta(hapd, sta);
break;
}
-@@ -1329,6 +1331,7 @@ void ap_sta_set_authorized(struct hostap
- buf, ip_addr, keyid_buf);
+@@ -1298,12 +1300,25 @@ void ap_sta_set_authorized(struct hostap
+ sta->addr, authorized, dev_addr);
+
+ if (authorized) {
++ static const char * const auth_algs[] = {
++ [WLAN_AUTH_OPEN] = "open",
++ [WLAN_AUTH_SHARED_KEY] = "shared",
++ [WLAN_AUTH_FT] = "ft",
++ [WLAN_AUTH_SAE] = "sae",
++ [WLAN_AUTH_FILS_SK] = "fils-sk",
++ [WLAN_AUTH_FILS_SK_PFS] = "fils-sk-pfs",
++ [WLAN_AUTH_FILS_PK] = "fils-pk",
++ [WLAN_AUTH_PASN] = "pasn",
++ };
++ const char *auth_alg = NULL;
+ const char *keyid;
+ char keyid_buf[100];
+ char ip_addr[100];
++ char alg_buf[100];
+
+ keyid_buf[0] = '\0';
+ ip_addr[0] = '\0';
++ alg_buf[0] = '\0';
+ #ifdef CONFIG_P2P
+ if (wpa_auth_get_ip_addr(sta->wpa_sm, ip_addr_buf) == 0) {
+ os_snprintf(ip_addr, sizeof(ip_addr),
+@@ -1313,22 +1328,31 @@ void ap_sta_set_authorized(struct hostap
+ }
+ #endif /* CONFIG_P2P */
+
++ if (sta->auth_alg < ARRAY_SIZE(auth_algs))
++ auth_alg = auth_algs[sta->auth_alg];
++
++ if (auth_alg)
++ os_snprintf(alg_buf, sizeof(alg_buf),
++ " auth_alg=%s", auth_alg);
++
+ keyid = ap_sta_wpa_get_keyid(hapd, sta);
+ if (keyid) {
+ os_snprintf(keyid_buf, sizeof(keyid_buf),
+ " keyid=%s", keyid);
+ }
+
+- wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_CONNECTED "%s%s%s",
+- buf, ip_addr, keyid_buf);
++ hostapd_ubus_notify_authorized(hapd, sta, auth_alg);
++ wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_CONNECTED "%s%s%s%s",
++ buf, ip_addr, keyid_buf, alg_buf);
+
+ if (hapd->msg_ctx_parent &&
+ hapd->msg_ctx_parent != hapd->msg_ctx)
+ wpa_msg_no_global(hapd->msg_ctx_parent, MSG_INFO,
+- AP_STA_CONNECTED "%s%s%s",
+- buf, ip_addr, keyid_buf);
++ AP_STA_CONNECTED "%s%s%s%s",
++ buf, ip_addr, keyid_buf, alg_buf);
} else {
wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_DISCONNECTED "%s", buf);
+ hostapd_ubus_notify(hapd, "disassoc", sta->addr);
diff --git a/package/network/services/hostapd/src/src/ap/ubus.c b/package/network/services/hostapd/src/src/ap/ubus.c
index 622eab8838..85281f4197 100644
--- a/package/network/services/hostapd/src/src/ap/ubus.c
+++ b/package/network/services/hostapd/src/src/ap/ubus.c
@@ -1983,6 +1983,20 @@ void hostapd_ubus_notify(struct hostapd_data *hapd, const char *type, const u8 *
ubus_notify(ctx, &hapd->ubus.obj, type, b.head, -1);
}
+void hostapd_ubus_notify_authorized(struct hostapd_data *hapd, struct sta_info *sta,
+ const char *auth_alg)
+{
+ if (!hapd->ubus.obj.has_subscribers)
+ return;
+
+ blob_buf_init(&b, 0);
+ blobmsg_add_macaddr(&b, "address", sta->addr);
+ if (auth_alg)
+ blobmsg_add_string(&b, "auth-alg", auth_alg);
+
+ ubus_notify(ctx, &hapd->ubus.obj, "sta-authorized", b.head, -1);
+}
+
void hostapd_ubus_notify_beacon_report(
struct hostapd_data *hapd, const u8 *addr, u8 token, u8 rep_mode,
struct rrm_measurement_beacon_report *rep, size_t len)
diff --git a/package/network/services/hostapd/src/src/ap/ubus.h b/package/network/services/hostapd/src/src/ap/ubus.h
index 5a33b624d0..b0f7c44ab5 100644
--- a/package/network/services/hostapd/src/src/ap/ubus.h
+++ b/package/network/services/hostapd/src/src/ap/ubus.h
@@ -65,6 +65,8 @@ void hostapd_ubus_free(struct hapd_interfaces *interfaces);
int hostapd_ubus_notify_bss_transition_query(
struct hostapd_data *hapd, const u8 *addr, u8 dialog_token, u8 reason,
const u8 *candidate_list, u16 candidate_list_len);
+void hostapd_ubus_notify_authorized(struct hostapd_data *hapd, struct sta_info *sta,
+ const char *auth_alg);
#else
@@ -140,6 +142,13 @@ static inline int hostapd_ubus_notify_bss_transition_query(
{
return 0;
}
+
+static inline void
+hostapd_ubus_notify_authorized(struct hostapd_data *hapd, struct sta_info *sta,
+ const char *auth_alg)
+{
+}
+
#endif
#endif