git.ipfire.org Git - thirdparty/hostap.git/commit

author	Jouni Malinen <jouni@codeaurora.org>
	Thu, 14 Mar 2019 22:03:29 +0000 (00:03 +0200)
committer	Jouni Malinen <j@w1.fi>
	Thu, 14 Mar 2019 22:31:09 +0000 (00:31 +0200)
commit	5e3a759cd4136fbf7958fd50cc185dc3590ded97
tree	7cc49e0bc02032561c8f262ead571de8ed212b24	tree \| snapshot
parent	8ad1009e5005a729f8a6fdd787ddfd48be4d9d26	commit \| diff

SAE: Improved queuing policy for pending authentication frames

The previous design of simply queuing all SAE commit messages was not
exactly good at allowing recovery from a flooding state if the valid
peer used frequent retransmissions of the SAE message. This could
happen, e.g., with mesh BSSs using SAE. The frequent retransmissions and
restarts of SAE authentication combined with SAE confirm messages
bypassing the queue ended up in not being able to finish SAE exchange
successfully.

Fix this by modifying the queuing policy to queue SAE confirm messages
if there is a queued SAE commit message from the same peer so that the
messages within the same exchange do not get reordered. In addition,
replace queued SAE commit/confirm message if a new matching message is
received from the same peer STA. This is useful for the case where the
peer restarts SAE more quickly than the local end has time to process
the queued messages.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>