Use eloop timeout for post-EAP-Failure wait before disconnection
Previously, os_sleep() was used to block the hostapd (or wpa_supplicant AP/P2P GO mode) processing between sending out EAP-Failure and disconnecting the STA. This is not ideal for couple of reasons: it blocks all other parallel operations in the process and it leaves a window during which the station might deauthenticate and the AP would have no option for reacting to that before forcing out its own Deauthentication frame which could go out after the STA has already started new connection attempt. Improve this design by scheduling an eloop timeout of 10 ms instead of the os_sleep() call and perform the delayed operations from the eloop callback function. This eloop timeout is cancelled if the STA disconnects or initiates a new connection attempt before the 10 ms time is reached. This gets rid of the confusing extra Deauthentication frame in cases where the STA reacts to EAP-Failure by an immediate deauthentication. Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen
parent
29bf636e12
commit
0f5eb69f85
3 changed files with 69 additions and 11 deletions
|
|
@ -2364,6 +2364,16 @@ int ieee802_1x_eapol_tx_status(struct hostapd_data *hapd, struct sta_info *sta,
|
|||
MAC2STR(sta->addr), xhdr->version, xhdr->type,
|
||||
be_to_host16(xhdr->length), ack);
|
||||
|
||||
#ifdef CONFIG_WPS
|
||||
if (xhdr->type == IEEE802_1X_TYPE_EAP_PACKET && ack &&
|
||||
(sta->flags & WLAN_STA_WPS) &&
|
||||
ap_sta_pending_delayed_1x_auth_fail_disconnect(hapd, sta)) {
|
||||
wpa_printf(MSG_DEBUG,
|
||||
"WPS: Indicate EAP completion on ACK for EAP-Failure");
|
||||
hostapd_wps_eap_completed(hapd);
|
||||
}
|
||||
#endif /* CONFIG_WPS */
|
||||
|
||||
if (xhdr->type != IEEE802_1X_TYPE_EAPOL_KEY)
|
||||
return 0;
|
||||
|
||||
|
|
@ -2737,15 +2747,6 @@ static void ieee802_1x_finished(struct hostapd_data *hapd,
|
|||
* EAP-FAST with anonymous provisioning, may require another
|
||||
* EAPOL authentication to be started to complete connection.
|
||||
*/
|
||||
wpa_dbg(hapd->msg_ctx, MSG_DEBUG, "IEEE 802.1X: Force "
|
||||
"disconnection after EAP-Failure");
|
||||
/* Add a small sleep to increase likelihood of previously
|
||||
* requested EAP-Failure TX getting out before this should the
|
||||
* driver reorder operations.
|
||||
*/
|
||||
os_sleep(0, 10000);
|
||||
ap_sta_disconnect(hapd, sta, sta->addr,
|
||||
WLAN_REASON_IEEE_802_1X_AUTH_FAILED);
|
||||
hostapd_wps_eap_completed(hapd);
|
||||
ap_sta_delayed_1x_auth_fail_disconnect(hapd, sta);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue