[PATCH] Force disconnect a P2P Client/STA from GO/AP side

Jouni Malinen j
Sat Dec 17 08:17:22 PST 2011 

On Wed, Dec 14, 2011 at 06:12:49AM -0800, Jithu Jance wrote:
> This patch adds a new command "disconnect_sta <mac addr>" to force disconnect
> a STA/P2P Client from AP/P2P GO side. Note that P2P Client/STA may connect back 
> immediately since AP profile may not be disabled at the client/STA side. Currently, this
> is primarily useful for testing purposes.

Why would a new command be needed for this? hostapd already has
deauthenticate and disassociate ctrl_iface commands. Wouldn't one of
those be suitable for this need, too?

> This will be much more useful in scenarios where client side doesn't reconnect back (after disconnection). 
> This will allow the applications to tear-down connections from the P2P-GO side as well.
> For e.g, if mobile acts a GO and it has around 2-3 connections, this cmd will allow to 
> explicitly tear down a particular client from GO side. But again, this depends on the client side
> application framework. For temporary connections such as WiFi-Direct where roaming
> cases are extremely rare, Client side application framework may choose to disable P2P
> Client interface on getting the CTRL-EVENT-DISCONNECTED event rather than retrying 
> to connect.

This does not sound like something that I would trust on. If the needed
functionality is to kick a P2P client away from the group, that client
would need to be prevented from reconnecting. Just sending a
Deauthentication frame to it does not guarantee anything. And well, even
this is not really suitable from the security view point if the stations
in the group share the same PSK. Unfortunately, P2P specification does
not provide a very good mechanism for handling this type of operations
reliably.

> diff --git a/hostapd/hostapd_cli.c b/hostapd/hostapd_cli.c
> index 527860c..5eeefea 100644
> --- a/hostapd/hostapd_cli.c
> +++ b/hostapd/hostapd_cli.c
> @@ -732,6 +749,7 @@ static struct hostapd_cli_cmd hostapd_cli_commands[] = {
> +	{ "disconnect_sta", hostapd_cli_cmd_disconnect_sta },
>  	{ "new_sta", hostapd_cli_cmd_new_sta },
>  	{ "deauthenticate", hostapd_cli_cmd_deauthenticate },
>  	{ "disassociate", hostapd_cli_cmd_disassociate },

Those deauth/disassoc commands should be used rather than adding a new
command. Sure, they would need to be moved from hostapd/ctrl_iface.c to
src/ap/ctrl_iface_ap.c, but that is better than introducing duplicated
functionality.

-- 
Jouni Malinen                                            PGP id EFC895FA

More information about the Hostap mailing list