From 3626e72c8dc1925920130851aa14d285dca66248 Mon Sep 17 00:00:00 2001 From: Sergey Matyukevich Date: Wed, 16 Oct 2019 10:44:49 +0000 Subject: [PATCH] l2_packet: Fix bridge workaround for repeater configuration In repeater configuration, both AP and STA wireless interfaces may be included into the same bridge. In this case the following race condition may occur: wpa_supplicant and hostapd are started, then hostapd clients are connected before wpa_supplicant connects to remote AP. EAPOL packets between hostapd and its clients are detected by wpa_supplicant on bridge interface, prematurely disabling the workaround. One possible option to fix this issue is to check EAPOL destination MAC in wpa_supplicant and disable workaround only if EAPOL packet on bridge interface is indeed intended for wpa_supplicant. Signed-off-by: Sergey Matyukevich --- src/l2_packet/l2_packet_linux.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/l2_packet/l2_packet_linux.c b/src/l2_packet/l2_packet_linux.c index 291c9dd26..138dcafcf 100644 --- a/src/l2_packet/l2_packet_linux.c +++ b/src/l2_packet/l2_packet_linux.c @@ -171,13 +171,16 @@ static void l2_packet_receive(int sock, void *eloop_ctx, void *sock_ctx) u8 hash[SHA1_MAC_LEN]; const u8 *addr[1]; size_t len[1]; + const struct l2_ethhdr *eth = (const struct l2_ethhdr *) buf; /* * Close the workaround socket if the kernel version seems to be * able to deliver packets through the packet socket before * authorization has been completed (in dormant state). */ - if (l2->num_rx_br <= 1) { + if (l2->num_rx_br <= 1 && + (os_memcmp(eth->h_dest, l2->own_addr, ETH_ALEN) == 0 || + is_multicast_ether_addr(eth->h_dest))) { wpa_printf(MSG_DEBUG, "l2_packet_receive: Main packet socket for %s seems to have working RX - close workaround bridge socket", l2->ifname);