Do prune_association only after the STA is authorized
Prune-associations should be done only after the new station is authorized. Otherwise any STA can cause denial of service to connected stations in PMF case when more than a single interface is being controlled by the same hostapd process. Signed-off-by: Adil Saeed Musthafa <quic_adilm@quicinc.com>
This commit is contained in:
parent
a2c09eb95e
commit
e978072baa
2 changed files with 4 additions and 3 deletions
|
@ -3339,7 +3339,6 @@ void hostapd_new_assoc_sta(struct hostapd_data *hapd, struct sta_info *sta,
|
|||
return;
|
||||
}
|
||||
|
||||
hostapd_prune_associations(hapd, sta->addr);
|
||||
ap_sta_clear_disconnect_timeouts(hapd, sta);
|
||||
sta->post_csa_sa_query = 0;
|
||||
|
||||
|
|
|
@ -1280,10 +1280,12 @@ void ap_sta_set_authorized(struct hostapd_data *hapd, struct sta_info *sta,
|
|||
if (!!authorized == !!(sta->flags & WLAN_STA_AUTHORIZED))
|
||||
return;
|
||||
|
||||
if (authorized)
|
||||
if (authorized) {
|
||||
hostapd_prune_associations(hapd, sta->addr);
|
||||
sta->flags |= WLAN_STA_AUTHORIZED;
|
||||
else
|
||||
} else {
|
||||
sta->flags &= ~WLAN_STA_AUTHORIZED;
|
||||
}
|
||||
|
||||
#ifdef CONFIG_P2P
|
||||
if (hapd->p2p_group == NULL) {
|
||||
|
|
Loading…
Reference in a new issue