• Jouni Malinen's avatar
    mac80211: Extend SAE authentication in infra BSS STA mode · efb543e6
    Jouni Malinen authored
    Previous implementation of SAE authentication in infrastructure BSS was
    somewhat restricting and not exactly clean way of handling the two
    auth() operations. This ended up removing and re-adding the STA entry
    for the AP in the middle of authentication and also messing up
    authentication state tracking through the sequence of four
    Authentication frames. Furthermore, this did not work if the AP ended up
    sending out SAE Confirm (auth trans #2) immediately after SAE Commit
    (auth trans #1) before the station had time to transmit its SAE Confirm.
    
    Clean up authentication state handling for the SAE case to allow two
    rounds of auth() calls without dropping all state between those
    operations. Track peer Confirmed status and mark authentication
    completed only once both ends have confirmed.
    
    ieee80211_mgd_auth() check for EBUSY cases is now handling only the
    pending association (ifmgd->assoc_data) while all pending authentication
    (ifmgd->auth_data) cases are allowed to proceed to allow user space to
    start a new connection attempt from scratch even if the previously
    requested authentication is still waiting completion. This is needed to
    avoid making SAE error cases with retries take excessive amount of time
    with no means for the user space to stop that (apart from setting the
    netdev down).
    
    As an extra bonus, the end of ieee80211_rx_mgmt_auth() can be cleaned up
    to avoid the extra copy of the cfg80211_rx_mlme_mgmt() call for ongoing
    SAE authentication since the new ieee80211_mark_sta_auth() helper
    function can handle both completion of authentication and updates to the
    STA entry under the same condition and there is no need to return from
    the function between those operations.
    Signed-off-by: default avatarJouni Malinen <jouni@codeaurora.org>
    Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
    efb543e6
ieee80211_i.h 69.7 KB