@@ -3402,6 +3402,13 @@ static bool station_retry_with_reason(struct station *station,
blacklist_add_bss(station->connected_bss->addr);
+ /*
+ * Network blacklist the BSS as well, since the timeout blacklist could
+ * be disabled
+ */
+ network_blacklist_add(station->connected_network,
+ station->connected_bss);
+
try_next:
return station_try_next_bss(station);
}
@@ -3449,6 +3456,10 @@ static bool station_pmksa_fallback(struct station *station, uint16_t status)
static bool station_retry_with_status(struct station *station,
uint16_t status_code)
{
+ /* If PMKSA failed don't blacklist so we can retry this BSS */
+ if (station_pmksa_fallback(station, status_code))
+ goto try_next;
+
/*
* Certain Auth/Assoc failures should not cause a timeout blacklist.
* In these cases we want to only temporarily blacklist the BSS until
@@ -3459,12 +3470,18 @@ static bool station_retry_with_status(struct station *station,
* specific BSS on our next attempt. There is currently no way to
* obtain that IE, but this should be done in the future.
*/
- if (IS_TEMPORARY_STATUS(status_code))
- network_blacklist_add(station->connected_network,
- station->connected_bss);
- else if (!station_pmksa_fallback(station, status_code))
+ if (!IS_TEMPORARY_STATUS(status_code))
blacklist_add_bss(station->connected_bss->addr);
+ /*
+ * Unconditionally network blacklist the BSS if we are retrying. This
+ * will allow network_bss_select to traverse the BSS list and ignore
+ * BSS's which have previously failed
+ */
+ network_blacklist_add(station->connected_network,
+ station->connected_bss);
+
+try_next:
iwd_notice(IWD_NOTICE_CONNECT_FAILED, "status: %u", status_code);
return station_try_next_bss(station);
Allowing the timeout blacklist to be disabled has introduced a bug where a failed connection will not result in the BSS list to be traversed. This causes IWD to retry the same BSS over and over which be either a) have some issue preventing a connection or b) may simply be unreachable/out of range. This is because IWD was inherently relying on the timeout blacklist to flag BSS's on failures. With it disabled there was nothing to tell network_bss_select that we should skip the BSS and it would return the same BSS indefinitely. To fix this some of the blacklisting logic was re-worked in station. Now, a BSS will always get network blacklisted upon a failure. This allows network.c to traverse to the next BSS upon failure. For auth/assoc failures we will then only timeout blacklist under certain conditions, i.e. the status code was not in the temporary list. Fixes: 77639d2d452e ("blacklist: allow configuration to disable the blacklist") --- src/station.c | 25 +++++++++++++++++++++---- 1 file changed, 21 insertions(+), 4 deletions(-)