Ensure authenticator session timer is applied with wired driver

We use the wired driver for wired port authentication with a slight extension to add the port into a bridge upon successful authentication and to remove it from the bridge when the session terminates. Our expectation was that the Session-Timeout configuration at the RADIUS server is respected, i.e. the session is terminated and would need re-authentication - like it is working for WLAN sessions over the nl80211 driver. Alas, it turned out the session is not terminated with the wired driver. It turned out that when ap_handle_session_timer() is executed, the sta->flags of the wired port has only the WLAN_STA_AUTHORIZED bit set. The WLAN_STA_AUTH bit, which is used to check whether the STA needs to be de-authenticated, is missing. Extend the check for any of the WLAN_STA_(AUTH | ASSOC | AUTHORIZED) bits to solve this issue with the wired driver. That should not have any side-effect for the WLAN cases since WLAN_STA_AUTH is expected to always be set for those when there is an ongoing session and separate checks for ASSOC and AUTHORIZED don't change this. Signed-off-by: Zefir Kurtisi <zefir.kurtisi@neratec.com>
2019-04-29 11:00:02 +02:00 · 2019-04-29 11:00:02 +02:00 · ef48f1bfb3
parent 44adf014ff
commit ef48f1bfb3
1 changed files with 2 additions and 1 deletions
--- a/src/ap/sta_info.c
+++ b/src/ap/sta_info.c
@ -586,7 +586,8 @@ static void ap_handle_session_timer(void *eloop_ctx, void *timeout_ctx)

 	wpa_printf(MSG_DEBUG, "%s: Session timer for STA " MACSTR,
 		   hapd->conf->iface, MAC2STR(sta->addr));
-	if (!(sta->flags & WLAN_STA_AUTH)) {
+	if (!(sta->flags & (WLAN_STA_AUTH | WLAN_STA_ASSOC |
+			    WLAN_STA_AUTHORIZED))) {
 		if (sta->flags & WLAN_STA_GAS) {
 			wpa_printf(MSG_DEBUG, "GAS: Remove temporary STA "
 				   "entry " MACSTR, MAC2STR(sta->addr));