DGNum/hostapd
6
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

Copy WLAN-Reason-Code value from Access-Reject to Deauthentication

Browse source 
This makes hostapd use the WLAN-Reason-Code value from Access-Reject
when disconnecting a station due to IEEE 802.1X authentication failure.
If the RADIUS server does not include this attribute, the default value
23 (IEEE 802.1X authentication failed) is used. That value was the
previously hardcoded reason code.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
Jouni Malinen 2018-01-12 20:55:33 +02:00
parent f75ed556c8
commit 5d5ee699a5
3 changed files with 14 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

8
src/ap/ieee802_1x.c
View file

@ -1691,6 +1691,7 @@ ieee802_1x_receive_auth(struct radius_msg *msg, struct radius_msg *req,
struct sta_info *sta;
u32 session_timeout = 0, termination_action, acct_interim_interval;
int session_timeout_set;
u32 reason_code;
struct eapol_state_machine *sm;
int override_eapReq = 0;
struct radius_hdr *hdr = radius_msg_get_hdr(msg);
@ -1839,6 +1840,13 @@ ieee802_1x_receive_auth(struct radius_msg *msg, struct radius_msg *req,
case RADIUS_CODE_ACCESS_REJECT:
sm->eap_if->aaaFail = TRUE;
override_eapReq = 1;
if (radius_msg_get_attr_int32(msg, RADIUS_ATTR_WLAN_REASON_CODE,
&reason_code) == 0) {
wpa_printf(MSG_DEBUG,
"RADIUS server indicated WLAN-Reason-Code %u in Access-Reject for "
MACSTR, reason_code, MAC2STR(sta->addr));
sta->disconnect_reason_code = reason_code;
}
break;
case RADIUS_CODE_ACCESS_CHALLENGE:
sm->eap_if->aaaEapReq = TRUE;