Re: [PATCH] Use SA Query for 4-way handshake timeout

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sun, Sep 15, 2024 at 08:43:20AM +0000, Otcheretianski, Andrei wrote:
> > Is that not the case? If it is not, how would you propose to resolve this
> > condition?
> > 
> 
> I think if the STA didn't get an ACK for M4 (or any other message) it should handle this by properly maintaining its internal state, rather than relying on some specific reason code from the AP, as different AP's may behave differently.

As far as the question about use of SA Query procedure is concerned, a
non-AP STA can initiate SA Query procedure for any reason at any point
in time in an association where PMF has been negotiated, so there is not
really any issue with the proposed patch from that view point.

It might make sense to accept unprotected Deauthentication and
Disassociation frames at the beginning of an association if no protected
frame has been received from the AP yet. There might not be a convenient
mechanism for determining that detail at the moment, but that would be
kind of nice information to make available in the kernel interface..
Already available information for this could be the combination of the
M4 not being reported as having been ACKed and only a small period of
time having been passed from the STA having transmitted it.

-- 
Jouni Malinen                                            PGP id EFC895FA

_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap



[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux