[PATCH 1/3] netdev: better handle associate timeouts with auth_protos

[PATCH 1/3] netdev: better handle associate timeouts with auth_protos

[James Prestwood]

[-- Attachment #1: Type: text/plain, Size: 1218 bytes --]

Any auth proto which did not implement the assoc_timeout handler
could end up getting 'stuck' forever if there was an associate
timeout. This is because in the event of an associate timeout IWD
only sets a few flags and relies on the connect event to actually
handle the failure. The problem is a connect event never comes
when using CMD_AUTH/ASSOC directly.

To fix this we can explicitly fail the connection if the auth
proto has not implemented assoc_timeout or if it returns false.
---
 src/netdev.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/src/netdev.c b/src/netdev.c
index 8d3f4a08..d5bad57e 100644
--- a/src/netdev.c
+++ b/src/netdev.c
@@ -2339,6 +2339,16 @@ static void netdev_associate_event(struct l_genl_msg *msg,
 	return;
 
 assoc_failed:
+	/*
+	 * There will be no connect event when using Auth/Assoc directly so
+	 * the failed connection must be explicitly initiated here.
+	 */
+	if (netdev->ap) {
+		netdev_connect_failed(netdev, NETDEV_RESULT_ASSOCIATION_FAILED,
+					status_code);
+		return;
+	}
+
 	netdev->result = NETDEV_RESULT_ASSOCIATION_FAILED;
 	netdev->last_code = status_code;
 	netdev->expect_connect_failure = true;
-- 
2.26.2

[PATCH 2/3] sae: add counter for associate retries

[James Prestwood]

[-- Attachment #1: Type: text/plain, Size: 1865 bytes --]

If there is an associate timeout, retry a few times in case
it was just a fluke. At this point SAE is fully negotiated
so it makes sense to attempt to save the connection.
---
 src/sae.c | 21 +++++++++++++++++++--
 1 file changed, 19 insertions(+), 2 deletions(-)

diff --git a/src/sae.c b/src/sae.c
index ade5e24c..b6cc0b15 100644
--- a/src/sae.c
+++ b/src/sae.c
@@ -37,6 +37,7 @@
 
 #define SAE_RETRANSMIT_TIMEOUT	2
 #define SAE_SYNC_MAX		3
+#define SAE_MAX_ASSOC_RETRY	3
 
 enum sae_state {
 	SAE_STATE_NOTHING = 0,
@@ -73,6 +74,7 @@ struct sae_sm {
 	uint16_t rc;
 	/* remote peer */
 	uint8_t peer[6];
+	uint8_t assoc_retry;
 
 	sae_tx_authenticate_func_t tx_auth;
 	sae_tx_associate_func_t tx_assoc;
@@ -670,7 +672,7 @@ static bool sae_send_commit(struct sae_sm *sm, bool retry)
 	return true;
 }
 
-static bool sae_timeout(struct auth_proto *ap)
+static bool sae_auth_timeout(struct auth_proto *ap)
 {
 	struct sae_sm *sm = l_container_of(ap, struct sae_sm, ap);
 
@@ -699,6 +701,20 @@ static bool sae_timeout(struct auth_proto *ap)
 	return true;
 }
 
+static bool sae_assoc_timeout(struct auth_proto *ap)
+{
+	struct sae_sm *sm = l_container_of(ap, struct sae_sm, ap);
+
+	if (sm->assoc_retry >= SAE_MAX_ASSOC_RETRY)
+		return false;
+
+	sm->assoc_retry++;
+
+	sm->tx_assoc(sm->user_data);
+
+	return true;
+}
+
 /*
  * 802.11-2016 - Section 12.4.8.6.4
  * If the Status code is ANTI_CLOGGING_TOKEN_REQUIRED, a new SAE Commit message
@@ -1178,7 +1194,8 @@ struct auth_proto *sae_sm_new(struct handshake_state *hs,
 	sm->ap.free = sae_free;
 	sm->ap.rx_authenticate = sae_rx_authenticate;
 	sm->ap.rx_associate = sae_rx_associate;
-	sm->ap.auth_timeout = sae_timeout;
+	sm->ap.auth_timeout = sae_auth_timeout;
+	sm->ap.assoc_timeout = sae_assoc_timeout;
 
 	return &sm->ap;
 }
-- 
2.26.2

[PATCH 3/3] netdev: remove unneeded goto/return code

[James Prestwood]

[-- Attachment #1: Type: text/plain, Size: 632 bytes --]

All possible paths led to the same result so it was
simplified to remove two goto's and a return call.
---
 src/netdev.c | 7 +------
 1 file changed, 1 insertion(+), 6 deletions(-)

diff --git a/src/netdev.c b/src/netdev.c
index d5bad57e..2f35c11e 100644
--- a/src/netdev.c
+++ b/src/netdev.c
@@ -2234,12 +2234,7 @@ static void netdev_authenticate_event(struct l_genl_msg *msg,
 			return;
 		else if (ret > 0)
 			status_code = (uint16_t)ret;
-
-		goto auth_error;
-	} else
-		goto auth_error;
-
-	return;
+	}
 
 auth_error:
 	netdev_connect_failed(netdev, NETDEV_RESULT_AUTHENTICATION_FAILED,
-- 
2.26.2