* [PATCH 1/3] netdev: better handle associate timeouts with auth_protos @ 2021-03-29 20:17 James Prestwood 2021-03-29 20:17 ` [PATCH 2/3] sae: add counter for associate retries James Prestwood 2021-03-29 20:17 ` [PATCH 3/3] netdev: remove unneeded goto/return code James Prestwood 0 siblings, 2 replies; 3+ messages in thread From: James Prestwood @ 2021-03-29 20:17 UTC (permalink / raw) To: iwd [-- Attachment #1: Type: text/plain, Size: 1218 bytes --] Any auth proto which did not implement the assoc_timeout handler could end up getting 'stuck' forever if there was an associate timeout. This is because in the event of an associate timeout IWD only sets a few flags and relies on the connect event to actually handle the failure. The problem is a connect event never comes when using CMD_AUTH/ASSOC directly. To fix this we can explicitly fail the connection if the auth proto has not implemented assoc_timeout or if it returns false. --- src/netdev.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/src/netdev.c b/src/netdev.c index 8d3f4a08..d5bad57e 100644 --- a/src/netdev.c +++ b/src/netdev.c @@ -2339,6 +2339,16 @@ static void netdev_associate_event(struct l_genl_msg *msg, return; assoc_failed: + /* + * There will be no connect event when using Auth/Assoc directly so + * the failed connection must be explicitly initiated here. + */ + if (netdev->ap) { + netdev_connect_failed(netdev, NETDEV_RESULT_ASSOCIATION_FAILED, + status_code); + return; + } + netdev->result = NETDEV_RESULT_ASSOCIATION_FAILED; netdev->last_code = status_code; netdev->expect_connect_failure = true; -- 2.26.2 ^ permalink raw reply related [flat|nested] 3+ messages in thread
* [PATCH 2/3] sae: add counter for associate retries 2021-03-29 20:17 [PATCH 1/3] netdev: better handle associate timeouts with auth_protos James Prestwood @ 2021-03-29 20:17 ` James Prestwood 2021-03-29 20:17 ` [PATCH 3/3] netdev: remove unneeded goto/return code James Prestwood 1 sibling, 0 replies; 3+ messages in thread From: James Prestwood @ 2021-03-29 20:17 UTC (permalink / raw) To: iwd [-- Attachment #1: Type: text/plain, Size: 1865 bytes --] If there is an associate timeout, retry a few times in case it was just a fluke. At this point SAE is fully negotiated so it makes sense to attempt to save the connection. --- src/sae.c | 21 +++++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) diff --git a/src/sae.c b/src/sae.c index ade5e24c..b6cc0b15 100644 --- a/src/sae.c +++ b/src/sae.c @@ -37,6 +37,7 @@ #define SAE_RETRANSMIT_TIMEOUT 2 #define SAE_SYNC_MAX 3 +#define SAE_MAX_ASSOC_RETRY 3 enum sae_state { SAE_STATE_NOTHING = 0, @@ -73,6 +74,7 @@ struct sae_sm { uint16_t rc; /* remote peer */ uint8_t peer[6]; + uint8_t assoc_retry; sae_tx_authenticate_func_t tx_auth; sae_tx_associate_func_t tx_assoc; @@ -670,7 +672,7 @@ static bool sae_send_commit(struct sae_sm *sm, bool retry) return true; } -static bool sae_timeout(struct auth_proto *ap) +static bool sae_auth_timeout(struct auth_proto *ap) { struct sae_sm *sm = l_container_of(ap, struct sae_sm, ap); @@ -699,6 +701,20 @@ static bool sae_timeout(struct auth_proto *ap) return true; } +static bool sae_assoc_timeout(struct auth_proto *ap) +{ + struct sae_sm *sm = l_container_of(ap, struct sae_sm, ap); + + if (sm->assoc_retry >= SAE_MAX_ASSOC_RETRY) + return false; + + sm->assoc_retry++; + + sm->tx_assoc(sm->user_data); + + return true; +} + /* * 802.11-2016 - Section 12.4.8.6.4 * If the Status code is ANTI_CLOGGING_TOKEN_REQUIRED, a new SAE Commit message @@ -1178,7 +1194,8 @@ struct auth_proto *sae_sm_new(struct handshake_state *hs, sm->ap.free = sae_free; sm->ap.rx_authenticate = sae_rx_authenticate; sm->ap.rx_associate = sae_rx_associate; - sm->ap.auth_timeout = sae_timeout; + sm->ap.auth_timeout = sae_auth_timeout; + sm->ap.assoc_timeout = sae_assoc_timeout; return &sm->ap; } -- 2.26.2 ^ permalink raw reply related [flat|nested] 3+ messages in thread
* [PATCH 3/3] netdev: remove unneeded goto/return code 2021-03-29 20:17 [PATCH 1/3] netdev: better handle associate timeouts with auth_protos James Prestwood 2021-03-29 20:17 ` [PATCH 2/3] sae: add counter for associate retries James Prestwood @ 2021-03-29 20:17 ` James Prestwood 1 sibling, 0 replies; 3+ messages in thread From: James Prestwood @ 2021-03-29 20:17 UTC (permalink / raw) To: iwd [-- Attachment #1: Type: text/plain, Size: 632 bytes --] All possible paths led to the same result so it was simplified to remove two goto's and a return call. --- src/netdev.c | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/src/netdev.c b/src/netdev.c index d5bad57e..2f35c11e 100644 --- a/src/netdev.c +++ b/src/netdev.c @@ -2234,12 +2234,7 @@ static void netdev_authenticate_event(struct l_genl_msg *msg, return; else if (ret > 0) status_code = (uint16_t)ret; - - goto auth_error; - } else - goto auth_error; - - return; + } auth_error: netdev_connect_failed(netdev, NETDEV_RESULT_AUTHENTICATION_FAILED, -- 2.26.2 ^ permalink raw reply related [flat|nested] 3+ messages in thread
end of thread, other threads:[~2021-03-29 20:17 UTC | newest] Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2021-03-29 20:17 [PATCH 1/3] netdev: better handle associate timeouts with auth_protos James Prestwood 2021-03-29 20:17 ` [PATCH 2/3] sae: add counter for associate retries James Prestwood 2021-03-29 20:17 ` [PATCH 3/3] netdev: remove unneeded goto/return code James Prestwood
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.