diff options
author | Eyal Shapira <eyal@wizery.com> | 2012-02-08 16:51:01 +0200 |
---|---|---|
committer | Arik Nemtsov <arik@wizery.com> | 2012-08-02 13:00:26 +0300 |
commit | 514536266699cdd5fc113de3e3bef5155313b6d9 (patch) | |
tree | d479f48dfb0e550dae2ce3f3ae3ac600f5b125fe /src/ap | |
parent | 40562272d5980b17aa0a56fec10ac892027186ba (diff) | |
download | external_wpa_supplicant_8_ti-514536266699cdd5fc113de3e3bef5155313b6d9.zip external_wpa_supplicant_8_ti-514536266699cdd5fc113de3e3bef5155313b6d9.tar.gz external_wpa_supplicant_8_ti-514536266699cdd5fc113de3e3bef5155313b6d9.tar.bz2 |
Fix deauth with reason 7 due to multiple assoc_req received
Additional assoc_reqs received after an initial assoc_req (due to a timeout
in the STA) was already being handled caused the handle_assoc flow to
run again and in the process delete the station added to the driver
(in add_pre_assoc_sta). A race would occur where assoc_resp
was already sent to the STA (as part of the handling of the initial
assoc_req) and it sent a null data packet which arrived
while the station was deleted. This caused the packet to be classified
as a class 3 frame coming from an unknown STA and a deauth
would occur. Fix this by discarding additional assoc_req between
receiving the 1st assoc_req and getting a tx callback for the assoc_resp.
Signed-off-by: Eyal Shapira <eyal@wizery.com>
Diffstat (limited to 'src/ap')
-rw-r--r-- | src/ap/ieee802_11.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index 67745e9..6821205 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -1026,6 +1026,14 @@ static void handle_assoc(struct hostapd_data *hapd, return; } + if ((sta->flags & WLAN_STA_ASSOC_REQ_OK) && + !(sta->flags & WLAN_STA_ASSOC)) { + hostapd_logger(hapd, mgmt->sa, HOSTAPD_MODULE_IEEE80211, + HOSTAPD_LEVEL_INFO, "Station sent another " + "assoc req before assoc resp. Discarding"); + return; + } + if (hapd->tkip_countermeasures) { resp = WLAN_REASON_MICHAEL_MIC_FAILURE; goto fail; @@ -1548,6 +1556,7 @@ static void handle_assoc_cb(struct hostapd_data *hapd, "did not acknowledge association response"); if (status == WLAN_STATUS_SUCCESS) hostapd_drv_sta_remove(hapd, sta->addr); + sta->flags &= ~WLAN_STA_ASSOC_REQ_OK; return; } |