Cumulative patch from commit 21cb63fffd1e766c8b989125394ed0bfb05e5a4b
21cb63f OpenSSL: Fix client certificate chain building after PKCS#12 use
12a81b6 ACS: Remove unreachable case from a debug print
896607d Remove a pointer check that can never be true
a95cc47 ACS: Be more consistent with iface->current_mode checks
6014e59 P2P: Print find_start in debug log when ignoring old scan results
64845c1 l2_packet: Extend bridge workaround RX processing to cover two frames
4a539ab l2_packet: Improve bridge workaround RX processing
7a36f11 EAP-PAX: Check hmac_sha1_vector() return value
1d20c66 P2P: Clear groups first on FLUSH command
27446e4 mesh: Do not force another peering exchange on driver event
cc64fe7 mesh: Do not clear link state on driver event if exchange was started
b5f5c32 mesh: Add some more details to MPM debug messages
7d41907 nl80211: Add a missing space to a debug message
6174de6 mesh: Connection and group started/removed events into debug log
2da4a56 Add more hostapd.conf documentation for hw_mode with HT/VHT
acc3943 EAP-PEAP peer: Cryptobinding in fast-reconnect case with inner EAP
cba9ebf P2P: Try SD Query with each non-ACK peer only once per search iteration
e9ccfc3 Clear wpa_supplicant state to DISCONNECTED on FLUSH command
aeb408f HS 2.0: Add some documentation for OSEN and network block use
4f6cd3f Fix wpa_supplicant AP mode P2P IE handling if P2P is disabled
92acb40 Fix wpa_supplicant build with CONFIG_L2_PACKET=pcap
15c5606 Update copyright notices for the new year 2016
6e379c6 WPS: Testing mechanism to force auth/encr type flags
ea31912 WPS: Add a workaround for WPA2PSK missing from Enrollee auth flags
db671e0 WPS: Do not build Credential with unsupported encr combination on AP
d7c3347 HS 2.0: Postpone WNM-Notification sending by 100 ms
750f5d9 EAP-FAST: Enable AES256-based TLS cipher suites with OpenSSL
1ebb24b OpenSSL: Share a single openssl_tls_prf() implementation
dea2051 OpenSSL: Clean up function to fetch client/server random
9a42d85 OpenSSL: Drop support for OpenSSL 1.0.0
de213e8 OpenSSL: Drop support for OpenSSL 0.9.8
e79eb0c P2P: Fix P2P_FIND while waiting for listen ROC to start in the driver
944f693 P2P: Stop offchannel TX wait on P2P_STOP_FIND/P2P_LISTEN
8edd9f1 P2P: Add an option to specify group SSID in P2P_CONNECT join case
70e0cb3 P2P: Provide group SSID, if specified, to P2P Client join step
438be60 P2P: Do not accept any GO BSS entry if SSID is specified for join
35510d5 P2P: Use join SSID in the skip-PD cases
8b8d4f4 P2P: Do not accept any BSS entry for join if SSID is already known
b875276 P2P: Use group SSID, if known, for join operation even if no BSS entry
aa256cb P2PS: Add group SSID, if known, to the P2PS-PROV-DONE event
071e3bf FST: Fix handling of Rx FST Setup Request when session already exists
Change-Id: Ia48764e8663232291160fb24153fa367b9ed3015
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
diff --git a/src/fst/fst_session.c b/src/fst/fst_session.c
index f804b12..9e4dada 100644
--- a/src/fst/fst_session.c
+++ b/src/fst/fst_session.c
@@ -447,7 +447,9 @@
* the initiator’s MAC address, in which case, the responder
* shall delete the received FST Setup Request.
*/
- if (os_memcmp(mgmt->da, mgmt->sa, ETH_ALEN) > 0) {
+ if (fst_session_is_ready_pending(s) &&
+ /* waiting for Setup Response */
+ os_memcmp(mgmt->da, mgmt->sa, ETH_ALEN) > 0) {
fst_printf_session(s, MSG_WARNING,
"FST Request dropped due to MAC comparison (our MAC is "
MACSTR ")",
@@ -455,23 +457,26 @@
return;
}
- if (!fst_session_is_ready_pending(s)) {
- fst_printf_session(s, MSG_WARNING,
- "FST Request from " MACSTR
- " dropped due to inappropriate state %s",
- MAC2STR(mgmt->da),
- fst_session_state_name(s->state));
- return;
- }
+ /*
+ * State is SETUP_COMPLETION (either in transition or not) or
+ * TRANSITION_DONE (in transition).
+ * Setup Request arriving in this state could mean:
+ * 1. peer sent it before receiving our Setup Request (race
+ * condition)
+ * 2. peer didn't receive our Setup Response. Peer is retrying
+ * after STT timeout
+ * 3. peer's FST state machines are out of sync due to some
+ * other reason
+ *
+ * We will reset our session and create a new one instead.
+ */
+ fst_printf_session(s, MSG_WARNING,
+ "resetting due to FST request");
/*
* If FST Setup Request arrived with the same FSTS ID as one we
- * initialized before, it means the other side either didn't
- * receive our FST Request or skipped it for some reason (for
- * example, due to numerical MAC comparison).
- *
- * In this case, there's no need to tear down the session.
+ * initialized before, there's no need to tear down the session.
* Moreover, as FSTS ID is the same, the other side will
* associate this tear down with the session it initiated that
* will break the sync.
@@ -483,7 +488,6 @@
"Skipping TearDown as the FST request has the same FSTS ID as initiated");
fst_session_set_state(s, FST_SESSION_STATE_INITIAL, &evext);
fst_session_stt_disarm(s);
- fst_printf_session(s, MSG_WARNING, "reset due to FST request");
}
s = fst_session_create(g);