hostapd handling .1x and reassoc

Ta-Chien Lin
Fri Dec 22 09:31:00 PST 2006

When hostapd is running in 802.1x mode and an associated client (AP's
perspective) sends ASSOC or RE-ASSOC, both are treated as RE-ASSOC by
hostapd. With syslog logging level set to 0, the event sequence is as the
following: hostapd: wlan0: STA 00:12:f0:5b:95:2a IEEE 802.11: associated
daemon.debug hostapd: wlan0: STA 00:12:f0:5b:95:2a WPA: event 1 notification
daemon.debug hostapd: wlan0: STA 00:12:f0:5b:95:2a WPA: event 4 notification

At this point, if the AP does not receive EAPOL-Start from the client (event
5 notification), for any reason, the connection remains "authorized" but
there is no longer any KEY.

In a real assoc event, hostapd will take the data path to immediately begin
.1X authentication, so the connection can move along, whether STA sends
EAPOL-Start or not.

It would be good if on a "re-assoc" event, hostapd does the same thing,
without waiting for STA's EAPOL-Start to show up.

This can be accomplished by adding "sta->eapol_sm->reAuthenticate = TRUE;"
in the function ieee802_1x_new_station, in the else clause of "if
(sta->pmksa)", just before stepping through the eapol state machine.

-------------- next part --------------
An HTML attachment was scrubbed...

More information about the Hostap mailing list