fix(esp_wifi): Fix crash when assoc req comes before confirm is processed

Shreyas Sheth 2024-03-22 13:37:25 +05:30
parent 2152112ff8
commit c3f819289d
4 changed files with 24 additions and 16 deletions


@ -281,8 +281,8 @@ int esp_wifi_build_rsnxe(struct hostapd_data *hapd, u8 *eid, size_t len)
return pos - eid; return pos - eid;
} }
u16 esp_send_assoc_resp(struct hostapd_data *hapd, struct sta_info *sta, u16 esp_send_assoc_resp(struct hostapd_data *hapd, const u8 *addr,
const u8 *addr, u16 status_code, bool omit_rsnxe, int subtype) u16 status_code, bool omit_rsnxe, int subtype)
{ {
#define ASSOC_RESP_LENGTH 20 #define ASSOC_RESP_LENGTH 20
u8 buf[ASSOC_RESP_LENGTH]; u8 buf[ASSOC_RESP_LENGTH];


@ -1,5 +1,5 @@
/* /*
* SPDX-FileCopyrightText: 2019-2021 Espressif Systems (Shanghai) CO LTD * SPDX-FileCopyrightText: 2019-2024 Espressif Systems (Shanghai) CO LTD
* *
* SPDX-License-Identifier: Apache-2.0 * SPDX-License-Identifier: Apache-2.0
*/ */
@ -15,9 +15,8 @@ extern "C" {
#ifdef CONFIG_ESP_WIFI_SOFTAP_SUPPORT #ifdef CONFIG_ESP_WIFI_SOFTAP_SUPPORT
void *hostap_init(void); void *hostap_init(void);
bool hostap_deinit(void *data); bool hostap_deinit(void *data);
u16 esp_send_assoc_resp(struct hostapd_data *data, struct sta_info *sta, u16 esp_send_assoc_resp(struct hostapd_data *data, const u8 *addr,
const u8 *addr, u16 status_code, bool omit_rsnxe, u16 status_code, bool omit_rsnxe, int subtype);
int subtype);
#endif #endif
#ifdef __cplusplus #ifdef __cplusplus


@ -296,7 +296,7 @@ static int check_n_add_wps_sta(struct hostapd_data *hapd, struct sta_info *sta_i
if (sta_info->eapol_sm) { if (sta_info->eapol_sm) {
wpa_printf(MSG_DEBUG, "considering station " MACSTR " for WPS", MAC2STR(sta_info->addr)); wpa_printf(MSG_DEBUG, "considering station " MACSTR " for WPS", MAC2STR(sta_info->addr));
if (esp_send_assoc_resp(hapd, sta_info, sta_info->addr, WLAN_STATUS_SUCCESS, true, subtype) != WLAN_STATUS_SUCCESS) { if (esp_send_assoc_resp(hapd, sta_info->addr, WLAN_STATUS_SUCCESS, true, subtype) != WLAN_STATUS_SUCCESS) {
wpa_printf(MSG_ERROR, "failed to send assoc response " MACSTR, MAC2STR(sta_info->addr)); wpa_printf(MSG_ERROR, "failed to send assoc response " MACSTR, MAC2STR(sta_info->addr));
return -1; return -1;
} }
@ -320,15 +320,18 @@ static bool hostap_sta_join(void **sta, u8 *bssid, u8 *wpa_ie, u8 wpa_ie_len,u8
#ifdef CONFIG_SAE #ifdef CONFIG_SAE
if (old_sta->lock && os_semphr_take(old_sta->lock, 0) != TRUE) { if (old_sta->lock && os_semphr_take(old_sta->lock, 0) != TRUE) {
wpa_printf(MSG_INFO, "Ignore assoc request as softap is busy with sae calculation for station "MACSTR, MAC2STR(bssid)); wpa_printf(MSG_INFO, "Ignore assoc request as softap is busy with sae calculation for station "MACSTR, MAC2STR(bssid));
if (esp_send_assoc_resp(hapd, old_sta, bssid, WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY, rsnxe ? false : true, subtype) != WLAN_STATUS_SUCCESS) { if (esp_send_assoc_resp(hapd, bssid, WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY, rsnxe ? false : true, subtype) != WLAN_STATUS_SUCCESS) {
goto fail; goto fail;
} }
return false; return false;
} }
#endif /* CONFIG_SAE */
if (!esp_wifi_ap_is_sta_sae_reauth_node(bssid)) { if (!esp_wifi_ap_is_sta_sae_reauth_node(bssid)) {
ap_free_sta(hapd, old_sta); ap_free_sta(hapd, old_sta);
} else if (old_sta && old_sta->lock) {
sta_info = old_sta;
goto process_old_sta;
} }
#endif /* CONFIG_SAE */
} }
sta_info = ap_get_sta(hapd, bssid); sta_info = ap_get_sta(hapd, bssid);
@ -338,12 +341,18 @@ static bool hostap_sta_join(void **sta, u8 *bssid, u8 *wpa_ie, u8 wpa_ie_len,u8
wpa_printf(MSG_ERROR, "failed to add station " MACSTR, MAC2STR(bssid)); wpa_printf(MSG_ERROR, "failed to add station " MACSTR, MAC2STR(bssid));
goto fail; goto fail;
} }
#ifdef CONFIG_SAE
if (sta_info->lock) {
os_semphr_take(sta_info->lock, 0);
}
#endif /* CONFIG_SAE */
} }
#ifdef CONFIG_SAE
if (sta_info->lock && os_semphr_take(sta_info->lock, 0) != TRUE) {
wpa_printf(MSG_INFO, "Ignore assoc request as softap is busy with sae calculation for station "MACSTR, MAC2STR(bssid));
if (esp_send_assoc_resp(hapd, bssid, WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY, rsnxe ? false : true, subtype) != WLAN_STATUS_SUCCESS) {
goto fail;
}
return false;
}
#endif /* CONFIG_SAE */
process_old_sta:
#ifdef CONFIG_WPS_REGISTRAR #ifdef CONFIG_WPS_REGISTRAR
if (check_n_add_wps_sta(hapd, sta_info, wpa_ie, wpa_ie_len, pmf_enable, subtype) == 0) { if (check_n_add_wps_sta(hapd, sta_info, wpa_ie, wpa_ie_len, pmf_enable, subtype) == 0) {
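Review bot: In hostap_sta_join the `ap_free_sta(hapd, old_sta)` call now appears to sit inside `#ifdef CONFIG_SAE`, which would leave the stale station entry in place on builds without SAE so that the following `ap_get_sta(hapd, bssid)` returns it; this reading is inferred, because the page prints the `#endif /* CONFIG_SAE */` before the reauth check and the one after the new `else if` only once each. If that reuse is not intended, keep the free unconditional and guard only the reauth branch. The `process_old_sta:` label is likewise defined after the closing `#endif` while its only visible `goto` is inside the guard, so a non-SAE build would get an unused-label warning; wrapping the label in its own `#ifdef CONFIG_SAE` / `#endif` avoids that. In `else if (old_sta && old_sta->lock)` the `old_sta &&` test is redundant, since `old_sta->lock` is already dereferenced a few lines earlier in the same block. The `fail` label and the place where the semaphore is given back are outside the hunk, so it should be confirmed there that every `goto fail` reached after a successful `os_semphr_take(sta_info->lock, 0)` releases the lock.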

View File

@ -789,7 +789,7 @@ continue_processing:
* strong random numbers. Reject the first 4-way * strong random numbers. Reject the first 4-way
* handshake(s) and collect some entropy based on the * handshake(s) and collect some entropy based on the
* information from it. Once enough entropy is * information from it. Once enough entropy is
* available, the next atempt will trigger GMK/Key * available, the next attempt will trigger GMK/Key
* Counter update and the station will be allowed to * Counter update and the station will be allowed to
* continue. * continue.
*/ */
@ -2601,7 +2601,7 @@ send_resp:
omit_rsnxe = true; omit_rsnxe = true;
} }
if (esp_send_assoc_resp(hapd, sta, bssid, resp, omit_rsnxe, subtype) != WLAN_STATUS_SUCCESS) { if (esp_send_assoc_resp(hapd, bssid, resp, omit_rsnxe, subtype) != WLAN_STATUS_SUCCESS) {
resp = WLAN_STATUS_AP_UNABLE_TO_HANDLE_NEW_STA; resp = WLAN_STATUS_AP_UNABLE_TO_HANDLE_NEW_STA;
} }