Ensure authenticator session timer is applied with wired driver

We use the wired driver for wired port authentication with a slight
extension to add the port into a bridge upon successful authentication
and to remove it from the bridge when the session terminates.

Our expectation was that the Session-Timeout configuration at the RADIUS
server is respected, i.e. the session is terminated and would need
re-authentication - like it is working for WLAN sessions over the
nl80211 driver. Alas, it turned out the session is not terminated with
the wired driver.

It turned out that when ap_handle_session_timer() is executed, the
sta->flags of the wired port has only the WLAN_STA_AUTHORIZED bit set.
The WLAN_STA_AUTH bit, which is used to check whether the STA needs to
be de-authenticated, is missing.

Extend the check for any of the WLAN_STA_(AUTH | ASSOC | AUTHORIZED)
bits to solve this issue with the wired driver. That should not have any
side-effect for the WLAN cases since WLAN_STA_AUTH is expected to always
be set for those when there is an ongoing session and separate checks
for ASSOC and AUTHORIZED don't change this.

Signed-off-by: Zefir Kurtisi <zefir.kurtisi@neratec.com>

diff --git a/src/ap/sta_info.c b/src/ap/sta_info.c
index cbb8752ea681cfff67f358cc3126d31389da8153..25bf46722925dd70a93c43359905fdf4503c0199 100644 (file)
--- a/src/ap/sta_info.c
+++ b/src/ap/sta_info.c
@@ -586,7 +586,8 @@ static void ap_handle_session_timer(void *eloop_ctx, void *timeout_ctx)
 
        wpa_printf(MSG_DEBUG, "%s: Session timer for STA " MACSTR,
                   hapd->conf->iface, MAC2STR(sta->addr));
-       if (!(sta->flags & WLAN_STA_AUTH)) {
+       if (!(sta->flags & (WLAN_STA_AUTH | WLAN_STA_ASSOC |
+                           WLAN_STA_AUTHORIZED))) {
                if (sta->flags & WLAN_STA_GAS) {
                        wpa_printf(MSG_DEBUG, "GAS: Remove temporary STA "
                                   "entry " MACSTR, MAC2STR(sta->addr));