[PATCH] AP: Optionally deauth station that auths twice

Paul Stewart pstew
Wed Jul 6 08:35:47 PDT 2011 

On Mon, Jul 4, 2011 at 11:00 AM, Jouni Malinen <j at w1.fi> wrote:
> On Mon, Jun 06, 2011 at 02:12:44PM -0700, Paul Stewart wrote:
>> The 802.11 spec has a clause that states that if a STA
>> authenticates while the AP has state indicating the STA
>> is already authenticated, it should send a DEAUTH with
>> WLAN_REASON_PREV_AUTH_NOT_VALID to the station first.
>> Add an optional parameter to hostapd so it can replicate
>> this behavior.
>
> Could you please identify which clause says that? A quick search through
> IEEE Std 802.11-2007 (and REVmb/D9.0 for that matter) did not bring up
> good matches describing such behavior. Since this would actually break
> fast BSS transition (IEEE 802.11r) if the non-AP STA were to return to
> an earlier AP, I would like to understand the exact suggestion or
> requirement in the standard that you are referring to (it may need to be
> fixed to be conditional on something).
>
> IEEE 802.11w-2009 added somewhat similar behavior for the case where SA
> Query procedure fails, but that is only used if PMF is enabled and the
> frame would be Disassocation, not Deauthentication.

I think this is what I read that made me think this behavior was
related to a specification.  However, as you describe, that behavior
is for association, and shouldn't even be enabled under normal
conditions.  with that in mind, I'd consider this "broken behavior",
however it is behavior I've seen in the field with other devices, and
I find it useful to be able to optionally turn on this behavior in
hostapd in order to ensure the kernel, supplicant and connection
manager handle this correctly.  If you choose to accept this change,
perhaps I need stronger language in the comment above this option flag
to say something like "bug compatible" or "emulate quirky behavior for
testing".

--
Paul

> --
> Jouni Malinen ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ?PGP id EFC895FA
> _______________________________________________
> HostAP mailing list
> HostAP at lists.shmoo.com
> http://lists.shmoo.com/mailman/listinfo/hostap
>

More information about the Hostap mailing list