aboutsummaryrefslogtreecommitdiffstats
path: root/src/ap/ieee802_11.c
diff options
context:
space:
mode:
authorMasashi Honma <masashi.honma@gmail.com>2015-07-08 13:41:36 (GMT)
committerJouni Malinen <j@w1.fi>2015-08-02 18:37:10 (GMT)
commitecd40fef7413c27d1a1feae6363971f9a0417099 (patch)
tree19773567ef69b7803787da31cf354516cca1b508 /src/ap/ieee802_11.c
parent3dfa519c3252df42ea1c04519acd8fa43a5a998f (diff)
downloadhostap-ecd40fef7413c27d1a1feae6363971f9a0417099.zip
hostap-ecd40fef7413c27d1a1feae6363971f9a0417099.tar.gz
hostap-ecd40fef7413c27d1a1feae6363971f9a0417099.tar.bz2
mesh: Fix mesh SAE auth on low spec devices
The mesh SAE auth often fails with master branch. By bisect I found commit eb5fee0bf50444419ac12d3c7f38f27a47523a47 ('SAE: Add side-channel protection to PWE derivation with ECC') causes this issue. This does not mean the commit has a bug. This is just a CPU resource issue. After the commit, sae_derive_pwe_ecc() spends 101(msec) on my PC (Intel Atom N270 1.6GHz). But dot11RSNASAERetransPeriod is 40(msec). So auth_sae_retransmit_timer() is always called and it can causes continuous frame exchanges. Before the commit, it was 23(msec). On the IEEE 802.11 spec, the default value of dot11RSNASAERetransPeriod is defined as 40(msec). But it looks short because generally mesh functionality will be used on low spec devices. Indeed Raspberry Pi B+ (ARM ARM1176JZF-S 700MHz) requires 287(msec) for new sae_derive_pwe_ecc(). So this patch makes the default to 1000(msec) and makes it configurable. This issue does not occur on infrastructure SAE because the dot11RSNASAERetransPeriod is not used on it. Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Diffstat (limited to 'src/ap/ieee802_11.c')
-rw-r--r--src/ap/ieee802_11.c9
1 files changed, 5 insertions, 4 deletions
diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
index 1ca31c0..2a30411 100644
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -316,7 +316,6 @@ static void handle_auth_ft_finish(void *ctx, const u8 *dst, const u8 *bssid,
#ifdef CONFIG_SAE
-#define dot11RSNASAERetransPeriod 40 /* msec */
#define dot11RSNASAESync 5 /* attempts */
@@ -499,12 +498,14 @@ static void auth_sae_retransmit_timer(void *eloop_ctx, void *eloop_data)
switch (sta->sae->state) {
case SAE_COMMITTED:
ret = auth_sae_send_commit(hapd, sta, hapd->own_addr, 0);
- eloop_register_timeout(0, dot11RSNASAERetransPeriod * 1000,
+ eloop_register_timeout(0,
+ hapd->dot11RSNASAERetransPeriod * 1000,
auth_sae_retransmit_timer, hapd, sta);
break;
case SAE_CONFIRMED:
ret = auth_sae_send_confirm(hapd, sta, hapd->own_addr);
- eloop_register_timeout(0, dot11RSNASAERetransPeriod * 1000,
+ eloop_register_timeout(0,
+ hapd->dot11RSNASAERetransPeriod * 1000,
auth_sae_retransmit_timer, hapd, sta);
break;
default:
@@ -530,7 +531,7 @@ static void sae_set_retransmit_timer(struct hostapd_data *hapd,
return;
eloop_cancel_timeout(auth_sae_retransmit_timer, hapd, sta);
- eloop_register_timeout(0, dot11RSNASAERetransPeriod * 1000,
+ eloop_register_timeout(0, hapd->dot11RSNASAERetransPeriod * 1000,
auth_sae_retransmit_timer, hapd, sta);
}