path: root/src/ap/hostapd.h
diff options
authorJouni Malinen <jouni@codeaurora.org>2019-03-01 17:54:51 (GMT)
committerJouni Malinen <j@w1.fi>2019-03-06 11:06:50 (GMT)
commitff9f40aee1e405b40bd9ffdf1f5e4edd79f54b19 (patch)
treed1956c30138eed649bc4dba6b1715da0021f1f9f /src/ap/hostapd.h
parenta053ab95900bf4df874e9697161e39c66f37afbc (diff)
SAE: Process received commit message through a queue
This allows better control of processing new SAE sessions so that other operations can be given higher priority during bursts of SAE requests, e.g., during a potential DoS attack. The receive commit messages are queued (up to maximum of 15 entries) and processed from eloop callback. If the queue has multiple pending entries, more wait time is used to go through the each new entry to reduce heavy CPU load from SAE processing. Enable anti-clogging token use also based on the pending commit message queue and not only based on the already started sessions. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Diffstat (limited to 'src/ap/hostapd.h')
1 files changed, 8 insertions, 0 deletions
diff --git a/src/ap/hostapd.h b/src/ap/hostapd.h
index d304c11..733f3f2 100644
--- a/src/ap/hostapd.h
+++ b/src/ap/hostapd.h
@@ -129,6 +129,13 @@ struct hostapd_neighbor_entry {
int stationary;
+struct hostapd_sae_commit_queue {
+ struct dl_list list;
+ int rssi;
+ size_t len;
+ u8 msg[];
* struct hostapd_data - hostapd per-BSS data structure
@@ -308,6 +315,7 @@ struct hostapd_data {
u8 sae_token_key[8];
struct os_reltime last_sae_token_key_update;
int dot11RSNASAERetransPeriod; /* msec */
+ struct dl_list sae_commit_queue; /* struct hostapd_sae_commit_queue */
#endif /* CONFIG_SAE */