WPS Failure due to explicit deauth

Jithu Jance jithu.jance at broadcom.com
Thu Jun 30 22:25:21 PDT 2016

Hi all,

Request help with a wps-failure issue. The explicit deauth code in the
function: ieee802_1x_finished is causing some interop issues. This
issue happens when the peer device (GC/STA) is very aggressive in
sending in the auth request following the EAP-FAIL. In one such
scenario, the auth request from peer has reached GO/AP in around
7-10ms. So in this case this explicit deauth reaches firmware after
driver/fw has moved to auth/assoc state and terminates the on-going

Would it be okay to make this explicit deauth code conditional under a
supplicant conf variable?

Could you share your thoughts on this? Accordingly, I shall prepare a
patch for this.

static void ieee802_1x_finished(struct hostapd_data *hapd,
                struct sta_info *sta, int success,
                int remediation)

    if (!success) {
         * Many devices require deauthentication after WPS provisioning
         * and some may not be be able to do that themselves, so
         * disconnect the client here. In addition, this may also
         * benefit IEEE 802.1X/EAPOL authentication cases, too since
         * the EAPOL PAE state machine would remain in HELD state for
         * considerable amount of time and some EAP methods, like
         * EAP-FAST with anonymous provisioning, may require another
         * EAPOL authentication to be started to complete connection.
        wpa_dbg(hapd->msg_ctx, MSG_DEBUG, "IEEE 802.1X: Force "
            "disconnection after EAP-Failure");
        /* Add a small sleep to increase likelihood of previously
         * requested EAP-Failure TX getting out before this should the
         * driver reorder operations.
+++++++++++++++++++++++++++++++++++++++++++++++ Explicit Deauth
        os_sleep(0, 10000);
        ap_sta_disconnect(hapd, sta, sta->addr,



Jithu Jance

More information about the Hostap mailing list