| developer | dfb5098 | 2023-09-11 13:34:36 +0800 | [diff] [blame] | 1 | From 26cd9bafc1d25e602952ee86cd2a5b8c3a995490 Mon Sep 17 00:00:00 2001 |
| 2 | From: Stijn Tintel <stijn@linux-ipv6.be> |
| 3 | Date: Fri, 28 Jul 2023 16:27:47 +0300 |
| 4 | Subject: [PATCH] Revert "Do prune_association only after the STA is |
| 5 | authorized" |
| 6 | |
| 7 | Commit e978072baaca ("Do prune_association only after the STA is |
| 8 | authorized") causes issues when an STA roams from one interface to |
| 9 | another interface on the same PHY. The mt7915 driver is not able to |
| 10 | handle this properly. While the commits fixes a DoS, there are other |
| 11 | devices and drivers with the same limitation, so revert to the orginal |
| 12 | behavior for now, until we have a better solution in place. |
| 13 | |
| 14 | Ref: https://github.com/openwrt/openwrt/issues/13156 |
| 15 | Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> |
| 16 | --- |
| 17 | src/ap/hostapd.c | 14 +++++++++++--- |
| 18 | src/ap/sta_info.c | 3 --- |
| 19 | 2 files changed, 11 insertions(+), 6 deletions(-) |
| 20 | |
| 21 | --- a/src/ap/hostapd.c |
| 22 | +++ b/src/ap/hostapd.c |
| developer | e35b8e4 | 2023-10-16 11:04:00 +0800 | [diff] [blame^] | 23 | @@ -3564,6 +3564,8 @@ int hostapd_remove_iface(struct hapd_int |
| developer | dfb5098 | 2023-09-11 13:34:36 +0800 | [diff] [blame] | 24 | void hostapd_new_assoc_sta(struct hostapd_data *hapd, struct sta_info *sta, |
| 25 | int reassoc) |
| 26 | { |
| 27 | + int mld_assoc_link_id = -1; |
| 28 | + |
| 29 | if (hapd->tkip_countermeasures) { |
| 30 | hostapd_drv_sta_deauth(hapd, sta->addr, |
| 31 | WLAN_REASON_MICHAEL_MIC_FAILURE); |
| developer | e35b8e4 | 2023-10-16 11:04:00 +0800 | [diff] [blame^] | 32 | @@ -3571,10 +3573,16 @@ void hostapd_new_assoc_sta(struct hostap |
| developer | dfb5098 | 2023-09-11 13:34:36 +0800 | [diff] [blame] | 33 | } |
| 34 | |
| 35 | #ifdef CONFIG_IEEE80211BE |
| 36 | - if (hapd->conf->mld_ap && sta->mld_info.mld_sta && |
| 37 | - sta->mld_assoc_link_id != hapd->mld_link_id) |
| 38 | - return; |
| 39 | + if (hapd->conf->mld_ap && sta->mld_info.mld_sta) { |
| 40 | + if (sta->mld_assoc_link_id == hapd->mld_link_id) { |
| 41 | + mld_assoc_link_id = sta->mld_assoc_link_id; |
| 42 | + } else { |
| 43 | + return; |
| 44 | + } |
| 45 | + } |
| 46 | #endif /* CONFIG_IEEE80211BE */ |
| 47 | + if (mld_assoc_link_id != -2) |
| 48 | + hostapd_prune_associations(hapd, sta->addr, mld_assoc_link_id); |
| 49 | |
| 50 | ap_sta_clear_disconnect_timeouts(hapd, sta); |
| 51 | sta->post_csa_sa_query = 0; |
| 52 | --- a/src/ap/sta_info.c |
| 53 | +++ b/src/ap/sta_info.c |
| 54 | @@ -1318,9 +1318,6 @@ void ap_sta_set_authorized(struct hostap |
| 55 | mld_assoc_link_id = -2; |
| 56 | } |
| 57 | #endif /* CONFIG_IEEE80211BE */ |
| 58 | - if (mld_assoc_link_id != -2) |
| 59 | - hostapd_prune_associations(hapd, sta->addr, |
| 60 | - mld_assoc_link_id); |
| 61 | sta->flags |= WLAN_STA_AUTHORIZED; |
| 62 | } else { |
| 63 | sta->flags &= ~WLAN_STA_AUTHORIZED; |