In case of a dot11AssociationSAQueryMaximumTimeout and according to "Note 3" in IEEE-802.11-2020 "11.3.5.3 AP or PCP association receipt procedures" enumeration "j)" (page 2135), hostapd shall send a protected disassocation with ReasonCode "INVALID_AUTHENTICATION". This is needed when a forged packet (e.g. Re-Assocication Request) is getting injected during a longer power save of the station, where the station is not able to answer the SA queries. This could lead to a situation, where the AP removes the STA due to SA Query Maximum Timeout, while the station (after waking up again) believes it's still associated with this AP. To prevent this, a protected disassociation by the AP is sent out telling the station its association is no longer valid. Signed-off-by: Jan Fuchs <jf@xxxxxxxxxxxxxxxxxx> --- src/ap/sta_info.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/ap/sta_info.c b/src/ap/sta_info.c index ccd1ed931..d062a61e8 100644 --- a/src/ap/sta_info.c +++ b/src/ap/sta_info.c @@ -1159,6 +1159,12 @@ int ap_check_sa_query_timeout(struct hostapd_data *hapd, struct sta_info *sta) sta->sa_query_trans_id = NULL; sta->sa_query_count = 0; eloop_cancel_timeout(ap_sa_query_timer, hapd, sta); + + hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, + HOSTAPD_LEVEL_INFO, + "disconnected due to SA Query max timeout"); + hostapd_drv_sta_disassoc(hapd, sta->addr, WLAN_REASON_PREV_AUTH_NOT_VALID); + ap_sta_disassociate(hapd, sta, WLAN_REASON_PREV_AUTH_NOT_VALID); return 1; } -- 2.35.1 _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap
