DPP PKEX and retransmissions

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

After adding PKEX support to IWD and testing against wpa_supplicant I noticed some unexpected and limiting behavior in the wpa_supplicant implementation.

First it appears the wpa_supplicant only supports retransmitting the PKEX exchange request. This is a bit strange since its a broadcast so you should never see the no-ACK flag for this. Adding retransmissions to other frames is obviously an additional feature and isn't required by the spec but I just figured I'd point that out.

Second, and more importantly, it does not handle the case of a peer not receiving the PKEX exchange response (no-ACK set in TX-STATUS). The following situation gets wpa_supplicant into a state where it will not accept any PKEX exchange requests, since it already received one:

 - Start wpa_supplicant PKEX as responder
 - wpa_supplicant receives PKEX exchange request, sends response
 - Peer does not ack, TX-STATUS has no-ACK flag set.
- Peer sends another PKEX exchange request but wpa_supplicant ignores since it thinks there is an ongoing PKEX exchange.

This actually seems like a common case to hit due to the 200ms wait requirement and how offchannel works in the kernel. A peer is going to be iterating some list of frequencies and only dwelling for 200ms on channel. If wpa_supplicant receives the exchange request but the peer left the channel before the response was sent you could get into this situation. It seems like wpa_supplicant should reset _something_ when it gets a no-ACK TX-STATUS having only sent the PKEX response?

Thanks,
James

_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap



[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux