6db1e9b34bf8aa92fec2384c2338f7bfbde6b362
[openwrt/staging/xback.git] /
1 From: Jouni Malinen <jouni@qca.qualcomm.com>
2 Date: Sat, 14 Jan 2017 01:04:31 +0200
3 Subject: [PATCH] Fix duplicate Reassociation Request frame dropping
4
5 Relational operators (==) have higher precedence than the ternary
6 conditional in C. The last_subtype check for association/reassociation
7 was broken due to incorrect assumption about the precedence. Fix this by
8 adding parenthesis around the ternary conditional.
9
10 The previous implementation worked for Association Request frames by
11 accident since WLAN_FC_STYPE_ASSOC_REQ happens to have value 0 and when
12 the last receive frame was an Association Request frame, the
13 sta->last_subtype == reassoc check was true and non-zero
14 WLAN_FC_STYPE_REASSOC_REQ was interpreted as true. However, this was
15 broken for Reassociation Request frame. reassoc == 1 in that case could
16 have matched received Association Response frame (subtype == 1), but
17 those are not received in AP mode and as such, this did not break other
18 behavior apart from not being able to drop duplicated Reassociation
19 Request frames.
20
21 Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
22 ---
23
24 --- a/src/ap/ieee802_11.c
25 +++ b/src/ap/ieee802_11.c
26 @@ -2485,8 +2485,8 @@ static void handle_assoc(struct hostapd_
27 if ((fc & WLAN_FC_RETRY) &&
28 sta->last_seq_ctrl != WLAN_INVALID_MGMT_SEQ &&
29 sta->last_seq_ctrl == seq_ctrl &&
30 - sta->last_subtype == reassoc ? WLAN_FC_STYPE_REASSOC_REQ :
31 - WLAN_FC_STYPE_ASSOC_REQ) {
32 + sta->last_subtype == (reassoc ? WLAN_FC_STYPE_REASSOC_REQ :
33 + WLAN_FC_STYPE_ASSOC_REQ)) {
34 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
35 HOSTAPD_LEVEL_DEBUG,
36 "Drop repeated association frame seq_ctrl=0x%x",