On Mon, Apr 19, 2021 at 11:05:18PM +0000, Andrew Beltrano wrote: > Add 10s timeout for receipt of Configuration Request frame from > enrollee. It would be good to copy the description of the need for this change from the cover letter (0/2) into the actual commit message here since the cover letter is not going to be stored in the repository. Furthermore, I would combine these patches into a single commit instead of splitting the practically same functionality between hostapd and wpa_supplicant. > diff --git a/src/ap/dpp_hostapd.c b/src/ap/dpp_hostapd.c > @@ -440,6 +442,24 @@ static void hostapd_dpp_init_timeout(void *eloop_ctx, void *timeout_ctx) > @@ -2001,6 +2025,8 @@ hostapd_dpp_gas_req_handler(struct hostapd_data *hapd, const u8 *sa, > + if (auth->configurator) > + eloop_cancel_timeout(hostapd_dpp_conf_req_rx_wait_timeout, hapd, NULL); In addition to this normal case, the timeout should likely be canceled in some other paths as well. At least the one in hostapd_dpp_auth_init() when a previous session is terminated to start a new one should cancel this timeout to avoid unexpected calls during a consecutive exchange. Similarly, hostapd_dpp_deinit() needs to cancel this to avoid dereferencing freed memory after interface removal if that removal were to happen during this timeout. -- Jouni Malinen PGP id EFC895FA _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap
