diff options
| author | Sunil Dutt <c_duttus@qti.qualcomm.com> | 2013-10-03 19:20:56 +0530 |
|---|---|---|
| committer | Sunil Dutt <duttus@codeaurora.org> | 2013-10-03 19:22:25 +0530 |
| commit | d9801082e01ec7ed36ae8d6f35634a88d783df64 (patch) | |
| tree | 0b00d11dc91b0f94fa168d799fa6b87a58e17145 | |
| parent | 013eae64696b06a7794e2e131d05ade8abd26e5e (diff) | |
| download | android_external_wpa_supplicant_8-d9801082e01ec7ed36ae8d6f35634a88d783df64.tar.gz android_external_wpa_supplicant_8-d9801082e01ec7ed36ae8d6f35634a88d783df64.tar.bz2 android_external_wpa_supplicant_8-d9801082e01ec7ed36ae8d6f35634a88d783df64.zip | |
TDLS: Do not start concurrent TDLS setup
A new TDLS request shall transmit TPK M1 frame with a unique INonce.
Thus a new explicit request would fail an ongoing TDLS negotiation with
the error "TDLS: FTIE SNonce in TPK M3 does not match with FTIE SNonce
used in TPK M1" if the peer happens to receive two M1 frames before an
M3 frame. Check for the ongoing negotiation with the peer and do not
start a new one if we are already in a setup negotiation with the peer.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Git-commit: 5bfd7e91685e65977c8db72afdca0cab310f8667
Git-repo : git://w1.fi/srv/git/hostap.git
Change-Id: I599f8cc9e7aff684f55590cfac547e0e1540a09d
CRs-fixed: 552276
| -rw-r--r-- | src/rsn_supp/tdls.c | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/src/rsn_supp/tdls.c b/src/rsn_supp/tdls.c index 85fdd8d5..53206142 100644 --- a/src/rsn_supp/tdls.c +++ b/src/rsn_supp/tdls.c @@ -108,6 +108,7 @@ struct wpa_tdls_peer { } tpk; int tpk_set; int tpk_success; + int tpk_in_progress; struct tpk_timer { u8 dest[ETH_ALEN]; @@ -621,6 +622,7 @@ static void wpa_tdls_peer_free(struct wpa_sm *sm, struct wpa_tdls_peer *peer) eloop_cancel_timeout(wpa_tdls_tpk_timeout, sm, peer); eloop_cancel_timeout(wpa_tdls_tpk_retry_timeout, sm, peer); peer->initiator = 0; + peer->tpk_in_progress = 0; os_free(peer->sm_tmr.buf); peer->sm_tmr.buf = NULL; os_free(peer->ht_capabilities); @@ -1741,6 +1743,7 @@ skip_rsn_check: /* add the peer to the driver as a "setup in progress" peer */ wpa_sm_tdls_peer_addset(sm, peer->addr, 1, 0, 0, NULL, 0, NULL, NULL, 0, NULL, 0); + peer->tpk_in_progress = 1; wpa_printf(MSG_DEBUG, "TDLS: Sending TDLS Setup Response / TPK M2"); if (wpa_tdls_send_tpk_m2(sm, src_addr, dtoken, lnkid, peer) < 0) { @@ -1760,6 +1763,7 @@ error: static void wpa_tdls_enable_link(struct wpa_sm *sm, struct wpa_tdls_peer *peer) { peer->tpk_success = 1; + peer->tpk_in_progress = 0; eloop_cancel_timeout(wpa_tdls_tpk_timeout, sm, peer); if (wpa_tdls_get_privacy(sm)) { u32 lifetime = peer->lifetime; @@ -2207,12 +2211,19 @@ int wpa_tdls_start(struct wpa_sm *sm, const u8 *addr) if (peer == NULL) return -1; + if (peer->tpk_in_progress) { + wpa_printf(MSG_DEBUG, "TDLS: Setup is already in progress with the peer"); + return 0; + } + peer->initiator = 1; /* add the peer to the driver as a "setup in progress" peer */ wpa_sm_tdls_peer_addset(sm, peer->addr, 1, 0, 0, NULL, 0, NULL, NULL, 0, NULL, 0); + peer->tpk_in_progress = 1; + if (wpa_tdls_send_tpk_m1(sm, peer) < 0) { wpa_tdls_disable_peer_link(sm, peer); return -1; |