Re: [PATCHv6 3/5] FT RRB: add msg replay and msg delay protection

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Am 17.04.2017 12:12, schrieb Jouni Malinen:

This seems to be breaking a number of hwsim test cases. For example,
ap_ft_sae fails every time when run on its own. When run after some
other FT test cases, it can pass, but that is not really good behavior,
i.e., every single case should work.
I've tested my series on top of 2971da2 and it passes ap_ft_sae for me also when that test is run alone. 
Same goes for the series you send (https://w1.fi/p/ft-rrb/).
Do you use a config file different from example-hostapd.conf?


Something seems to be going wrong with sequence number updating:



FT: Received push


the original message


FT: Received sequence number request
FT: Received sequence number response


The remote AP send
 dom = 11 22 b1 de
 seq = 62 22 3f bc
 ts  = 03 00 00 00
when resetting the sequence number.
So seq in range [ seq - 16 - 1; seq ) + (seq, ...) should be accepted then, see wpa_ft_rrb_rx_seq_resp. 


FT: Received push


The original message got restarted automatically.
Its sequence number contains
 dom = 11 22 b1 de
 seq = 61 22 3f bc
 ts = 03 00 00 00

So dom matches and ts cannot fail as well.
The sequence number is in the range configured to be accepted, so this is fine as well. 

When running ap_ft_sae alone on top of the series, I get:

FT: Received push
FT: sequence number - hexdump(len=12): f3 e2 0b 0e c3 e5 aa 47 ac cc 27 00 
FT: Possibly invalid sequence number in push from 02:00:00:00:03:00
FT: RRB-OUI type 4 send to 02:00:00:00:03:00

FT: RRB received packet 02:00:00:00:04:00 -> 02:00:00:00:03:00
FT: Received sequence number request
FT: RRB-OUI type 5 send to 02:00:00:00:04:00

FT: Received sequence number response
FT: seq response - nonce - hexdump(len=16): 9a 66 fb 33 2f 38 2f 6b 88 e1 cf ef 66 67 52 5e FT: sequence number - hexdump(len=12): f3 e2 0b 0e c4 e5 aa 47 ac cc 27 00 
FT: Invalid sequence number in seq response from 02:00:00:00:03:00
FT: seq response - reset seq number

FT: Received push
FT: R0KH-ID - hexdump(len=10): 6e 61 73 31 2e 77 31 2e 66 69
FT: R1KH-ID=00:01:02:03:04:06
FT: sequence number - hexdump(len=12): f3 e2 0b 0e c3 e5 aa 47 ac cc 27 00 
FT: S1KH-ID=02:00:00:00:00:00

So I'm puzzled.

Regards,
M. Braun

_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap
[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux