* [PATCH v2 1/3] netdev: better handle associate timeouts with auth_protos
@ 2021-03-29 20:43 James Prestwood
2021-03-29 20:43 ` [PATCH v2 2/3] sae: add counter for associate retries James Prestwood
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: James Prestwood @ 2021-03-29 20:43 UTC (permalink / raw)
To: iwd
[-- Attachment #1: Type: text/plain, Size: 1313 bytes --]
Any auth proto which did not implement the assoc_timeout handler
could end up getting 'stuck' forever if there was an associate
timeout. This is because in the event of an associate timeout IWD
only sets a few flags and relies on the connect event to actually
handle the failure. The problem is a connect event never comes
if the failure was a timeout.
To fix this we can explicitly fail the connection if the auth
proto has not implemented assoc_timeout or if it returns false.
---
src/netdev.c | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
v2:
* Moved the failure into the actual timeout case as the
connect event *does* come unless there was a timeout
diff --git a/src/netdev.c b/src/netdev.c
index 8d3f4a08..fcbb7d88 100644
--- a/src/netdev.c
+++ b/src/netdev.c
@@ -2280,7 +2280,15 @@ static void netdev_associate_event(struct l_genl_msg *msg,
if (auth_proto_assoc_timeout(netdev->ap))
return;
- goto assoc_failed;
+ /*
+ * There will be no connect event when Associate times
+ * out. The failed connection must be explicitly
+ * initiated here.
+ */
+ netdev_connect_failed(netdev,
+ NETDEV_RESULT_ASSOCIATION_FAILED,
+ status_code);
+ return;
case NL80211_ATTR_FRAME:
frame = data;
--
2.26.2
^ permalink raw reply related [flat|nested] 4+ messages in thread
* [PATCH v2 2/3] sae: add counter for associate retries
2021-03-29 20:43 [PATCH v2 1/3] netdev: better handle associate timeouts with auth_protos James Prestwood
@ 2021-03-29 20:43 ` James Prestwood
2021-03-29 20:43 ` [PATCH v2 3/3] netdev: remove unneeded goto/return code James Prestwood
2021-03-29 20:50 ` [PATCH v2 1/3] netdev: better handle associate timeouts with auth_protos Denis Kenzior
2 siblings, 0 replies; 4+ messages in thread
From: James Prestwood @ 2021-03-29 20:43 UTC (permalink / raw)
To: iwd
[-- Attachment #1: Type: text/plain, Size: 1865 bytes --]
If there is an associate timeout, retry a few times in case
it was just a fluke. At this point SAE is fully negotiated
so it makes sense to attempt to save the connection.
---
src/sae.c | 21 +++++++++++++++++++--
1 file changed, 19 insertions(+), 2 deletions(-)
diff --git a/src/sae.c b/src/sae.c
index ade5e24c..b6cc0b15 100644
--- a/src/sae.c
+++ b/src/sae.c
@@ -37,6 +37,7 @@
#define SAE_RETRANSMIT_TIMEOUT 2
#define SAE_SYNC_MAX 3
+#define SAE_MAX_ASSOC_RETRY 3
enum sae_state {
SAE_STATE_NOTHING = 0,
@@ -73,6 +74,7 @@ struct sae_sm {
uint16_t rc;
/* remote peer */
uint8_t peer[6];
+ uint8_t assoc_retry;
sae_tx_authenticate_func_t tx_auth;
sae_tx_associate_func_t tx_assoc;
@@ -670,7 +672,7 @@ static bool sae_send_commit(struct sae_sm *sm, bool retry)
return true;
}
-static bool sae_timeout(struct auth_proto *ap)
+static bool sae_auth_timeout(struct auth_proto *ap)
{
struct sae_sm *sm = l_container_of(ap, struct sae_sm, ap);
@@ -699,6 +701,20 @@ static bool sae_timeout(struct auth_proto *ap)
return true;
}
+static bool sae_assoc_timeout(struct auth_proto *ap)
+{
+ struct sae_sm *sm = l_container_of(ap, struct sae_sm, ap);
+
+ if (sm->assoc_retry >= SAE_MAX_ASSOC_RETRY)
+ return false;
+
+ sm->assoc_retry++;
+
+ sm->tx_assoc(sm->user_data);
+
+ return true;
+}
+
/*
* 802.11-2016 - Section 12.4.8.6.4
* If the Status code is ANTI_CLOGGING_TOKEN_REQUIRED, a new SAE Commit message
@@ -1178,7 +1194,8 @@ struct auth_proto *sae_sm_new(struct handshake_state *hs,
sm->ap.free = sae_free;
sm->ap.rx_authenticate = sae_rx_authenticate;
sm->ap.rx_associate = sae_rx_associate;
- sm->ap.auth_timeout = sae_timeout;
+ sm->ap.auth_timeout = sae_auth_timeout;
+ sm->ap.assoc_timeout = sae_assoc_timeout;
return &sm->ap;
}
--
2.26.2
^ permalink raw reply related [flat|nested] 4+ messages in thread
* [PATCH v2 3/3] netdev: remove unneeded goto/return code
2021-03-29 20:43 [PATCH v2 1/3] netdev: better handle associate timeouts with auth_protos James Prestwood
2021-03-29 20:43 ` [PATCH v2 2/3] sae: add counter for associate retries James Prestwood
@ 2021-03-29 20:43 ` James Prestwood
2021-03-29 20:50 ` [PATCH v2 1/3] netdev: better handle associate timeouts with auth_protos Denis Kenzior
2 siblings, 0 replies; 4+ messages in thread
From: James Prestwood @ 2021-03-29 20:43 UTC (permalink / raw)
To: iwd
[-- Attachment #1: Type: text/plain, Size: 632 bytes --]
All possible paths led to the same result so it was
simplified to remove two goto's and a return call.
---
src/netdev.c | 7 +------
1 file changed, 1 insertion(+), 6 deletions(-)
diff --git a/src/netdev.c b/src/netdev.c
index fcbb7d88..914f6479 100644
--- a/src/netdev.c
+++ b/src/netdev.c
@@ -2234,12 +2234,7 @@ static void netdev_authenticate_event(struct l_genl_msg *msg,
return;
else if (ret > 0)
status_code = (uint16_t)ret;
-
- goto auth_error;
- } else
- goto auth_error;
-
- return;
+ }
auth_error:
netdev_connect_failed(netdev, NETDEV_RESULT_AUTHENTICATION_FAILED,
--
2.26.2
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH v2 1/3] netdev: better handle associate timeouts with auth_protos
2021-03-29 20:43 [PATCH v2 1/3] netdev: better handle associate timeouts with auth_protos James Prestwood
2021-03-29 20:43 ` [PATCH v2 2/3] sae: add counter for associate retries James Prestwood
2021-03-29 20:43 ` [PATCH v2 3/3] netdev: remove unneeded goto/return code James Prestwood
@ 2021-03-29 20:50 ` Denis Kenzior
2 siblings, 0 replies; 4+ messages in thread
From: Denis Kenzior @ 2021-03-29 20:50 UTC (permalink / raw)
To: iwd
[-- Attachment #1: Type: text/plain, Size: 833 bytes --]
Hi James,
On 3/29/21 3:43 PM, James Prestwood wrote:
> Any auth proto which did not implement the assoc_timeout handler
> could end up getting 'stuck' forever if there was an associate
> timeout. This is because in the event of an associate timeout IWD
> only sets a few flags and relies on the connect event to actually
> handle the failure. The problem is a connect event never comes
> if the failure was a timeout.
>
> To fix this we can explicitly fail the connection if the auth
> proto has not implemented assoc_timeout or if it returns false.
> ---
> src/netdev.c | 10 +++++++++-
> 1 file changed, 9 insertions(+), 1 deletion(-)
>
> v2:
> * Moved the failure into the actual timeout case as the
> connect event *does* come unless there was a timeout
>
Applied, thanks.
Regards,
-Denis
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2021-03-29 20:50 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-03-29 20:43 [PATCH v2 1/3] netdev: better handle associate timeouts with auth_protos James Prestwood
2021-03-29 20:43 ` [PATCH v2 2/3] sae: add counter for associate retries James Prestwood
2021-03-29 20:43 ` [PATCH v2 3/3] netdev: remove unneeded goto/return code James Prestwood
2021-03-29 20:50 ` [PATCH v2 1/3] netdev: better handle associate timeouts with auth_protos Denis Kenzior
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.