about "IBSS RSN: Add a timeout for Authentication frame exchange"

Antonio Quartulli ordex
Wed Aug 28 15:32:58 PDT 2013

On Wed, Aug 28, 2013 at 08:46:40PM +0200, Nicolas Cavallari wrote:
> On 28/08/2013 20:37, Antonio Quartulli wrote:
> > On Wed, Aug 28, 2013 at 08:28:43PM +0200, Nicolas Cavallari wrote:
> >> On 28/08/2013 19:08, Antonio Quartulli wrote:
> >>> - assuming that both the peers support Auth exchange, in case of frame loss, I
> >>>   think it would be better to delete the station and try again, rather than
> >>>   ignoring the Auth exchange at all. What do you think?
> >>
> >> Especially since this is what will happen anyway since your kernel patch
> >> to expire unauthenticated stations has been applied.
> >>
> > 
> > Right. So this will happen automatically.
> > 
> >> Manually resending an authentication frame might be another option, but
> >> it will not work if the peer does not support auth exchange at all.
> > 
> > In the latter case the other peer will immediately start sending EAPOL 1/4.
> > So we will do the same right after.
> Not necessarily. If i remember the standard correctly, the decision to
> try to authenticate with peers is a local policy. The other peer may
> simply not try to authenticate with you, but it must respond to your
> request anyway.

In section 10.3.4 the standard says that Authentication is optional in an IBSS,
but does not specify what to do in case of Auth reception.

However says what a station should do on Auth reception and in this
case it does not state anything about the possibility of not answering.
Therefore I think you were right: a STA in an IBSS must respond to the request.

Antonio Quartulli

..each of us alone is worth nothing..
Ernesto "Che" Guevara
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.shmoo.com/pipermail/hostap/attachments/20130829/1fec3b05/attachment.pgp>

More information about the Hostap mailing list