[4/4] station: re-try OWE if buggy AP is detected

Message ID	20220808171406.12931-4-prestwoj@gmail.com (mailing list archive)
State	Not Applicable, archived
Headers	show Received: from mail-pg1-f170.google.com (mail-pg1-f170.google.com [209.85.215.170]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B00193D88 for <iwd@lists.linux.dev>; Mon, 8 Aug 2022 17:14:12 +0000 (UTC) From: James Prestwood <prestwoj@gmail.com> To: iwd@lists.linux.dev Cc: James Prestwood <prestwoj@gmail.com> Subject: [PATCH 4/4] station: re-try OWE if buggy AP is detected Date: Mon, 8 Aug 2022 10:14:06 -0700 Message-Id: <20220808171406.12931-4-prestwoj@gmail.com> In-Reply-To: <20220808171406.12931-1-prestwoj@gmail.com> References: <20220808171406.12931-1-prestwoj@gmail.com> Precedence: bulk MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	[1/4] handshake: add force_default_owe_group flag \| expand [1/4] handshake: add force_default_owe_group flag [2/4] owe: allow OWE to force group 19 [3/4] network: add setter/getter/flag for forcing default OWE group [4/4] station: re-try OWE if buggy AP is detected

Message ID

20220808171406.12931-4-prestwoj@gmail.com (mailing list archive)

State

Not Applicable, archived

Headers

From: James Prestwood <prestwoj@gmail.com>
To: iwd@lists.linux.dev
Cc: James Prestwood <prestwoj@gmail.com>
Subject: [PATCH 4/4] station: re-try OWE if buggy AP is detected
Date: Mon,  8 Aug 2022 10:14:06 -0700
Message-Id: <20220808171406.12931-4-prestwoj@gmail.com>
In-Reply-To: <20220808171406.12931-1-prestwoj@gmail.com>
References: <20220808171406.12931-1-prestwoj@gmail.com>
Precedence: bulk
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

[1/4] handshake: add force_default_owe_group flag | expand

Context	Check	Description
tedd_an/pre-ci_am	success	Success
prestwoj/iwd-ci-gitlint	success	GitLint

Context

Check

Description

tedd_an/pre-ci_am

success

Success

prestwoj/iwd-ci-gitlint

success

GitLint

Commit Message

James Prestwood Aug. 8, 2022, 5:14 p.m. UTC

Some APs use an older hostapd OWE implementation which incorrectly
derives the PTK. To work around this group 19 should be used for
these APs. If there is a failure (reason=2) and the AKM is OWE
set force default group into network and retry. If this has been
done already the behavior is no different and the BSS will be
blacklisted.
---
 src/station.c | 37 +++++++++++++++++++++++++++++++++++--
 1 file changed, 35 insertions(+), 2 deletions(-)

diff --git a/src/station.c b/src/station.c
index c5dfc48e..40f9848f 100644
--- a/src/station.c
+++ b/src/station.c
@@ -2815,6 +2815,31 @@  static bool station_try_next_bss(struct station *station)
 	return true;
 }
 
+static bool station_retry_owe_default_group(struct station *station)
+{
+	const uint8_t *rsne = station->connected_bss->rsne;
+	struct ie_rsn_info info;
+
+	if (!rsne)
+		return false;
+
+	if (ie_parse_rsne_from_data(rsne, rsne[1] + 2, &info))
+		return false;
+
+	if (!(info.akm_suites & IE_RSN_AKM_SUITE_OWE))
+		return false;
+
+	/* If we already forced group 19, allow the BSS to be blacklisted */
+	if (network_get_force_default_owe_group(station->connected_network))
+		return false;
+
+	l_debug("Buggy OWE AP detected, retrying by forcing group 19!");
+
+	network_set_force_default_owe_group(station->connected_network);
+
+	return true;
+}
+
 static bool station_retry_with_reason(struct station *station,
 					uint16_t reason_code)
 {
@@ -2825,12 +2850,20 @@  static bool station_retry_with_reason(struct station *station,
 	 * Other reason codes can be added here if its decided we want to
 	 * fail in those cases.
 	 */
-	if (reason_code == MMPDU_REASON_CODE_PREV_AUTH_NOT_VALID ||
-			reason_code == MMPDU_REASON_CODE_IEEE8021X_FAILED)
+	switch (reason_code) {
+	case MMPDU_REASON_CODE_PREV_AUTH_NOT_VALID:
+		if (station_retry_owe_default_group(station))
+			goto try_next;
+		/* fall through */
+	case MMPDU_REASON_CODE_IEEE8021X_FAILED:
 		return false;
+	default:
+		break;
+	}
 
 	blacklist_add_bss(station->connected_bss->addr);
 
+try_next:
 	return station_try_next_bss(station);
 }

[4/4] station: re-try OWE if buggy AP is detected

Checks

Commit Message

Patch