002-Fix-duplicate-Reassociation-Request-frame-dropping.patch 1.6 KB

123456789101112131415161718192021222324252627282930313233343536
  1. From: Jouni Malinen <jouni@qca.qualcomm.com>
  2. Date: Sat, 14 Jan 2017 01:04:31 +0200
  3. Subject: [PATCH] Fix duplicate Reassociation Request frame dropping
  4. Relational operators (==) have higher precedence than the ternary
  5. conditional in C. The last_subtype check for association/reassociation
  6. was broken due to incorrect assumption about the precedence. Fix this by
  7. adding parenthesis around the ternary conditional.
  8. The previous implementation worked for Association Request frames by
  9. accident since WLAN_FC_STYPE_ASSOC_REQ happens to have value 0 and when
  10. the last receive frame was an Association Request frame, the
  11. sta->last_subtype == reassoc check was true and non-zero
  12. WLAN_FC_STYPE_REASSOC_REQ was interpreted as true. However, this was
  13. broken for Reassociation Request frame. reassoc == 1 in that case could
  14. have matched received Association Response frame (subtype == 1), but
  15. those are not received in AP mode and as such, this did not break other
  16. behavior apart from not being able to drop duplicated Reassociation
  17. Request frames.
  18. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
  19. ---
  20. --- a/src/ap/ieee802_11.c
  21. +++ b/src/ap/ieee802_11.c
  22. @@ -2485,8 +2485,8 @@ static void handle_assoc(struct hostapd_
  23. if ((fc & WLAN_FC_RETRY) &&
  24. sta->last_seq_ctrl != WLAN_INVALID_MGMT_SEQ &&
  25. sta->last_seq_ctrl == seq_ctrl &&
  26. - sta->last_subtype == reassoc ? WLAN_FC_STYPE_REASSOC_REQ :
  27. - WLAN_FC_STYPE_ASSOC_REQ) {
  28. + sta->last_subtype == (reassoc ? WLAN_FC_STYPE_REASSOC_REQ :
  29. + WLAN_FC_STYPE_ASSOC_REQ)) {
  30. hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
  31. HOSTAPD_LEVEL_DEBUG,
  32. "Drop repeated association frame seq_ctrl=0x%x",