TDLS: Do not start concurrent TDLS setup

A new TDLS request shall transmit TPK M1 frame with a unique INonce.
Thus a new explicit request would fail an ongoing TDLS negotiation with
the error "TDLS: FTIE SNonce in TPK M3 does not match with FTIE SNonce
used in TPK M1" if the peer happens to receive two M1 frames before an
M3 frame. Check for the ongoing negotiation with the peer and do not
start a new one if we are already in a setup negotiation with the peer.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
Sunil Dutt 2013-09-30 17:38:41 +03:00 committed by Jouni Malinen
parent 33d85b63b5
commit 5bfd7e9168

View File

@ -109,6 +109,7 @@ struct wpa_tdls_peer {
} tpk; } tpk;
int tpk_set; int tpk_set;
int tpk_success; int tpk_success;
int tpk_in_progress;
struct tpk_timer { struct tpk_timer {
u8 dest[ETH_ALEN]; u8 dest[ETH_ALEN];
@ -623,6 +624,7 @@ static void wpa_tdls_peer_free(struct wpa_sm *sm, struct wpa_tdls_peer *peer)
eloop_cancel_timeout(wpa_tdls_tpk_retry_timeout, sm, peer); eloop_cancel_timeout(wpa_tdls_tpk_retry_timeout, sm, peer);
peer->reconfig_key = 0; peer->reconfig_key = 0;
peer->initiator = 0; peer->initiator = 0;
peer->tpk_in_progress = 0;
os_free(peer->sm_tmr.buf); os_free(peer->sm_tmr.buf);
peer->sm_tmr.buf = NULL; peer->sm_tmr.buf = NULL;
os_free(peer->ht_capabilities); os_free(peer->ht_capabilities);
@ -1738,6 +1740,7 @@ skip_rsn_check:
/* add the peer to the driver as a "setup in progress" peer */ /* add the peer to the driver as a "setup in progress" peer */
wpa_sm_tdls_peer_addset(sm, peer->addr, 1, 0, 0, NULL, 0, NULL, NULL, 0, wpa_sm_tdls_peer_addset(sm, peer->addr, 1, 0, 0, NULL, 0, NULL, NULL, 0,
NULL, 0); NULL, 0);
peer->tpk_in_progress = 1;
wpa_printf(MSG_DEBUG, "TDLS: Sending TDLS Setup Response / TPK M2"); wpa_printf(MSG_DEBUG, "TDLS: Sending TDLS Setup Response / TPK M2");
if (wpa_tdls_send_tpk_m2(sm, src_addr, dtoken, lnkid, peer) < 0) { if (wpa_tdls_send_tpk_m2(sm, src_addr, dtoken, lnkid, peer) < 0) {
@ -1757,6 +1760,7 @@ error:
static int wpa_tdls_enable_link(struct wpa_sm *sm, struct wpa_tdls_peer *peer) static int wpa_tdls_enable_link(struct wpa_sm *sm, struct wpa_tdls_peer *peer)
{ {
peer->tpk_success = 1; peer->tpk_success = 1;
peer->tpk_in_progress = 0;
eloop_cancel_timeout(wpa_tdls_tpk_timeout, sm, peer); eloop_cancel_timeout(wpa_tdls_tpk_timeout, sm, peer);
if (wpa_tdls_get_privacy(sm)) { if (wpa_tdls_get_privacy(sm)) {
u32 lifetime = peer->lifetime; u32 lifetime = peer->lifetime;
@ -2238,12 +2242,19 @@ int wpa_tdls_start(struct wpa_sm *sm, const u8 *addr)
if (peer == NULL) if (peer == NULL)
return -1; return -1;
if (peer->tpk_in_progress) {
wpa_printf(MSG_DEBUG, "TDLS: Setup is already in progress with the peer");
return 0;
}
peer->initiator = 1; peer->initiator = 1;
/* add the peer to the driver as a "setup in progress" peer */ /* add the peer to the driver as a "setup in progress" peer */
wpa_sm_tdls_peer_addset(sm, peer->addr, 1, 0, 0, NULL, 0, NULL, NULL, 0, wpa_sm_tdls_peer_addset(sm, peer->addr, 1, 0, 0, NULL, 0, NULL, NULL, 0,
NULL, 0); NULL, 0);
peer->tpk_in_progress = 1;
if (wpa_tdls_send_tpk_m1(sm, peer) < 0) { if (wpa_tdls_send_tpk_m1(sm, peer) < 0) {
wpa_tdls_disable_peer_link(sm, peer); wpa_tdls_disable_peer_link(sm, peer);
return -1; return -1;