Re: [PATCH 1/1] STA_ASSOC: Mark Port authorization and State Completion based on authorized state in connect event

[Vinayak Yadawad <vinayak.yadawad@xxxxxxxxxxxx>]

Hi Jouni,

Gentle Reminder, Kindly review the change.

On Thu, Jun 30, 2022 at 9:38 AM Vinayak Yadawad
<vinayak.yadawad@xxxxxxxxxxxx> wrote:
>
> In case of drivers supporting 4way handshake offload, mark port
> authorized and state completion only if driver advertizes authorized
> state in the connect event. Otherwise there are fair chances of driver
> port authorization api gets called while 4-way handshake is in progress
> at the lower layer.
> In order to avoid this possible race condition always update port
> authorization and supplicant state WPA_COMPLETED setting from
> EVENT_PORT_AUTHORIZED context when driver is done with 4way handshake.
>
> Signed-off-by: Vinayak Yadawad <vinayak.yadawad@xxxxxxxxxxxx>
> ---
>  wpa_supplicant/events.c | 25 +++++++++++++++++--------
>  1 file changed, 17 insertions(+), 8 deletions(-)
>
> diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c
> index ec56cfdc0..f20e1c87b 100644
> --- a/wpa_supplicant/events.c
> +++ b/wpa_supplicant/events.c
> @@ -3478,14 +3478,23 @@ static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s,
>                 eapol_sm_notify_eap_success(wpa_s->eapol, true);
>         } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) &&
>                    wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
> -               /*
> -                * We are done; the driver will take care of RSN 4-way
> -                * handshake.
> -                */
> -               wpa_supplicant_cancel_auth_timeout(wpa_s);
> -               wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
> -               eapol_sm_notify_portValid(wpa_s->eapol, true);
> -               eapol_sm_notify_eap_success(wpa_s->eapol, true);
> +               if (already_authorized) {
> +                       /*
> +                        * We are done; the driver will take care of RSN 4-way
> +                        * handshake.
> +                        */
> +                       wpa_supplicant_cancel_auth_timeout(wpa_s);
> +                       wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
> +                       eapol_sm_notify_portValid(wpa_s->eapol, true);
> +                       eapol_sm_notify_eap_success(wpa_s->eapol, true);
> +               } else {
> +                       /* Update port, WPA_COMPLETED state from
> +                        * EVENT_PORT_AUTHORIZED context when driver is done
> +                        * with 4way handshake.
> +                        */
> +                       wpa_msg(wpa_s, MSG_INFO, "ASSOC INFO: wait for driver port "
> +                               "authorized indication");
> +               }
>         } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X) &&
>                    wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
>                 /*
> --
> 2.32.0
>

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap