IBSS RSN: Work around Data RX vs. Authentication RX race condition
It is possible for the driver to report EAPOL frame RX before Authentication frame RX even if the frames arrived in the opposite order. This can result in issues in cases where both IBSS peers initiate Authentication frame exchange at about the same time and one of the EAPOL sessions is started before processing Authentication frame seq=1 RX. Work around this by not re-initializing EAPOL state on Authentication (SEQ=1) RX if own Authentication frame was transmitted within last 500 ms. Signed-hostap: Jouni Malinen <j@w1.fi>
This commit is contained in:
		
							parent
							
								
									3d5b356ac0
								
							
						
					
					
						commit
						6fb7b58fe4
					
				
					 2 changed files with 15 additions and 0 deletions
				
			
		|  | @ -566,6 +566,8 @@ int ibss_rsn_start(struct ibss_rsn *ibss_rsn, const u8 *addr) | ||||||
| 		 */ | 		 */ | ||||||
| 		peer->authentication_status |= IBSS_RSN_AUTH_BY_US; | 		peer->authentication_status |= IBSS_RSN_AUTH_BY_US; | ||||||
| 		return ibss_rsn_auth_init(ibss_rsn, peer); | 		return ibss_rsn_auth_init(ibss_rsn, peer); | ||||||
|  | 	} else { | ||||||
|  | 		os_get_time(&peer->own_auth_tx); | ||||||
| 	} | 	} | ||||||
| 
 | 
 | ||||||
| 	return 0; | 	return 0; | ||||||
|  | @ -807,6 +809,16 @@ static void ibss_rsn_handle_auth_1_of_2(struct ibss_rsn *ibss_rsn, | ||||||
| 
 | 
 | ||||||
| 	if (peer && | 	if (peer && | ||||||
| 	    peer->authentication_status & IBSS_RSN_AUTH_EAPOL_BY_PEER) { | 	    peer->authentication_status & IBSS_RSN_AUTH_EAPOL_BY_PEER) { | ||||||
|  | 		if (peer->own_auth_tx.sec) { | ||||||
|  | 			struct os_time now, diff; | ||||||
|  | 			os_get_time(&now); | ||||||
|  | 			os_time_sub(&now, &peer->own_auth_tx, &diff); | ||||||
|  | 			if (diff.sec == 0 && diff.usec < 500000) { | ||||||
|  | 				wpa_printf(MSG_DEBUG, "RSN: Skip IBSS reinit since only %u usec from own Auth frame TX", | ||||||
|  | 					   (int) diff.usec); | ||||||
|  | 				goto skip_reinit; | ||||||
|  | 			} | ||||||
|  | 		} | ||||||
| 		/*
 | 		/*
 | ||||||
| 		 * A peer sent us an Authentication frame even though it already | 		 * A peer sent us an Authentication frame even though it already | ||||||
| 		 * started an EAPOL session. We should reinit state machines | 		 * started an EAPOL session. We should reinit state machines | ||||||
|  | @ -829,6 +841,7 @@ static void ibss_rsn_handle_auth_1_of_2(struct ibss_rsn *ibss_rsn, | ||||||
| 			   MAC2STR(addr)); | 			   MAC2STR(addr)); | ||||||
| 	} | 	} | ||||||
| 
 | 
 | ||||||
|  | skip_reinit: | ||||||
| 	/* reply with an Authentication frame now, before sending an EAPOL */ | 	/* reply with an Authentication frame now, before sending an EAPOL */ | ||||||
| 	ibss_rsn_send_auth(ibss_rsn, addr, 2); | 	ibss_rsn_send_auth(ibss_rsn, addr, 2); | ||||||
| 	/* no need to start another AUTH challenge in the other way.. */ | 	/* no need to start another AUTH challenge in the other way.. */ | ||||||
|  |  | ||||||
|  | @ -39,6 +39,8 @@ struct ibss_rsn_peer { | ||||||
| 
 | 
 | ||||||
| 	struct wpa_state_machine *auth; | 	struct wpa_state_machine *auth; | ||||||
| 	int authentication_status; | 	int authentication_status; | ||||||
|  | 
 | ||||||
|  | 	struct os_time own_auth_tx; | ||||||
| }; | }; | ||||||
| 
 | 
 | ||||||
| struct ibss_rsn { | struct ibss_rsn { | ||||||
|  |  | ||||||
		Loading…
	
		Reference in a new issue
	
	 Jouni Malinen
						Jouni Malinen