[PATCH] AP: Optionally deauth station that auths twice

Jouni Malinen j at w1.fi
Mon Jul 4 14:00:33 EDT 2011


On Mon, Jun 06, 2011 at 02:12:44PM -0700, Paul Stewart wrote:
> The 802.11 spec has a clause that states that if a STA
> authenticates while the AP has state indicating the STA
> is already authenticated, it should send a DEAUTH with
> WLAN_REASON_PREV_AUTH_NOT_VALID to the station first.
> Add an optional parameter to hostapd so it can replicate
> this behavior.

Could you please identify which clause says that? A quick search through
IEEE Std 802.11-2007 (and REVmb/D9.0 for that matter) did not bring up
good matches describing such behavior. Since this would actually break
fast BSS transition (IEEE 802.11r) if the non-AP STA were to return to
an earlier AP, I would like to understand the exact suggestion or
requirement in the standard that you are referring to (it may need to be
fixed to be conditional on something).

IEEE 802.11w-2009 added somewhat similar behavior for the case where SA
Query procedure fails, but that is only used if PMF is enabled and the
frame would be Disassocation, not Deauthentication.

-- 
Jouni Malinen                                            PGP id EFC895FA


More information about the HostAP mailing list