forked from mirror/openwrt
4779b731d4
Manually refreshed: 010-mesh-Allow-DFS-channels-to-be-selected-if-dfs-is-ena.patch 110-mbedtls-TLS-crypto-option-initial-port.patch 140-tests-Makefile-make-run-tests-with-CONFIG_TLS.patch 301-mesh-noscan.patch 601-ucode_support.patch 780-Implement-APuP-Access-Point-Micro-Peering.patch Dropped upstreamed: 330-nl80211_fix_set_freq.patch 804-hostapd-Fix-clearing-up-settings-for-color-switch.patch Automatically rebased all other patches. Tested-by: Rany Hany <rany_hany@riseup.net> # ramips_mt7621/asus_rt-ax53u, mt7622/xiaomi_redmi-router-ax6s Tested-by: Andre Heider <a.heider@gmail.com> # filogic/openwrt_one, ramips_mt7621/netgear_wac124 Tested-by: Agustin Lorenzo <agustin.lorenzo@thinco.es> # qualcommax/ipq807x (AX3600) Tested-by: Daniel Pawlik <pawlik.dan@gmail.com> # BPi-R4 with mt7996 Signed-off-by: Rany Hany <rany_hany@riseup.net>
63 lines
2.1 KiB
Diff
63 lines
2.1 KiB
Diff
From 26cd9bafc1d25e602952ee86cd2a5b8c3a995490 Mon Sep 17 00:00:00 2001
|
|
From: Stijn Tintel <stijn@linux-ipv6.be>
|
|
Date: Fri, 28 Jul 2023 16:27:47 +0300
|
|
Subject: [PATCH] Revert "Do prune_association only after the STA is
|
|
authorized"
|
|
|
|
Commit e978072baaca ("Do prune_association only after the STA is
|
|
authorized") causes issues when an STA roams from one interface to
|
|
another interface on the same PHY. The mt7915 driver is not able to
|
|
handle this properly. While the commits fixes a DoS, there are other
|
|
devices and drivers with the same limitation, so revert to the orginal
|
|
behavior for now, until we have a better solution in place.
|
|
|
|
Ref: https://github.com/openwrt/openwrt/issues/13156
|
|
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
|
|
---
|
|
src/ap/hostapd.c | 14 +++++++++++---
|
|
src/ap/sta_info.c | 3 ---
|
|
2 files changed, 11 insertions(+), 6 deletions(-)
|
|
|
|
--- a/src/ap/hostapd.c
|
|
+++ b/src/ap/hostapd.c
|
|
@@ -4075,6 +4075,8 @@ int hostapd_remove_iface(struct hapd_int
|
|
void hostapd_new_assoc_sta(struct hostapd_data *hapd, struct sta_info *sta,
|
|
int reassoc)
|
|
{
|
|
+ int mld_assoc_link_id = -1;
|
|
+
|
|
if (hapd->tkip_countermeasures) {
|
|
hostapd_drv_sta_deauth(hapd, sta->addr,
|
|
WLAN_REASON_MICHAEL_MIC_FAILURE);
|
|
@@ -4082,10 +4084,16 @@ void hostapd_new_assoc_sta(struct hostap
|
|
}
|
|
|
|
#ifdef CONFIG_IEEE80211BE
|
|
- if (ap_sta_is_mld(hapd, sta) &&
|
|
- sta->mld_assoc_link_id != hapd->mld_link_id)
|
|
- return;
|
|
+ if (ap_sta_is_mld(hapd, sta)) {
|
|
+ if (sta->mld_assoc_link_id == hapd->mld_link_id) {
|
|
+ mld_assoc_link_id = sta->mld_assoc_link_id;
|
|
+ } else {
|
|
+ return;
|
|
+ }
|
|
+ }
|
|
#endif /* CONFIG_IEEE80211BE */
|
|
+ if (mld_assoc_link_id != -2)
|
|
+ hostapd_prune_associations(hapd, sta->addr, mld_assoc_link_id);
|
|
|
|
ap_sta_clear_disconnect_timeouts(hapd, sta);
|
|
ap_sta_clear_assoc_timeout(hapd, sta);
|
|
--- a/src/ap/sta_info.c
|
|
+++ b/src/ap/sta_info.c
|
|
@@ -1552,9 +1552,6 @@ bool ap_sta_set_authorized_flag(struct h
|
|
mld_assoc_link_id = -2;
|
|
}
|
|
#endif /* CONFIG_IEEE80211BE */
|
|
- if (mld_assoc_link_id != -2)
|
|
- hostapd_prune_associations(hapd, sta->addr,
|
|
- mld_assoc_link_id);
|
|
sta->flags |= WLAN_STA_AUTHORIZED;
|
|
} else {
|
|
sta->flags &= ~WLAN_STA_AUTHORIZED;
|