From patchwork Mon Feb 8 15:32:07 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: =?utf-8?q?Micha=C5=82_Kazior?= X-Patchwork-Id: 1437727 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2001:8b0:10b:1231::1; helo=merlin.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=merlin.20170209 header.b=Sh5JE3dS; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=P4g3dI1F; dkim-atps=neutral Received: from merlin.infradead.org (merlin.infradead.org [IPv6:2001:8b0:10b:1231::1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4DZ95n4vlRz9sSC for ; Tue, 9 Feb 2021 02:33:17 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To:Message-Id:Date: Subject:To:From:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=iGFhUw1wqTNtT6Sln5Z/IPsJXY/zhQB/XMqaS5D9bX4=; b=Sh5JE3dSMFVTdA66VCnPsngz4 9WOd7heKAm5m5+fEpr3c7K2PcIRzeDzNX5QPplBkdKFNy6aKhHuwmcMkOzsR4ALyIhg7FRzhQRkUT TStfiyO0G5Hb/0C8lCx29PigPmsk8CS2ks6APTC0w1VuGaVxE6KW+b2RpHqbGauREeSVHvI68uwJc ciRZsBFlwIOqD9GhGpenbh199/tWzwht04UXe0WTpED0qTS1eJZfiu5OHc4iVhSGxW3sldIvmHI1F Lf5OFItWKiDbfsu44lG8PWnPEIT8exGZ4yle8tQuaJNhfZEREqsoRak8ZrmbxUzCHovHUtOEWZFw4 7A2nlF20g==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1l98Wc-0002iK-Ca; Mon, 08 Feb 2021 15:32:30 +0000 Received: from mail-lf1-x12a.google.com ([2a00:1450:4864:20::12a]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1l98WX-0002gc-Qe for hostap@lists.infradead.org; Mon, 08 Feb 2021 15:32:26 +0000 Received: by mail-lf1-x12a.google.com with SMTP id v5so20716625lft.13 for ; Mon, 08 Feb 2021 07:32:25 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=NF3Q5VHjWadFIHKL/WqiMG0Xgz3/l8s95oouNxig9pw=; b=P4g3dI1Fcsf7xZhe4ewU1uPspSbv85scPso49ePq3pt38yzDFN0bt+ssooHI6roaTS Hf0OCpN+Cfh8w0I7/l1FjysdCOIE336f6IG2UW3H7exo7v2ckLSdGBpI4RpRXxuR3ZQP zAhtd7eWeWcPpXbEPDXlSaj0W9UteB41HGdG0ANLWeNT0QWV8cKSWQhDt0znvOT601EJ q6rC3VchrA4RpnlEhl/sC6iwC8siiIoSPwOswvZvj8R4FRYT0UKjXZ66aVuwKtDLftT+ N3O1ORXEUKUq/t339RTg9XyJPJNNd8/7eWWgqS3K70DcNcA/mEKkm7UYAByoUdsizc5y 2rdQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=NF3Q5VHjWadFIHKL/WqiMG0Xgz3/l8s95oouNxig9pw=; b=Jcx3fPG/bP/2Dyg8gHxUF60O+C3dOElyByy09TIAn+8epEy/nwJNR/1iIGXbTGZgRB j6738Ol3rIa43BCstXmqrm8J6yC0YjmV+74D8VKykr/KLDhVq2jAGS/TKQ4cHDc5eQNO xR8pB+gl0nPej+VGO/yjzfeYD6DqLwftDBN8ZCUFxtjPb/e1cWFyeRO+wK/AVyruZYJm P/fVWfELsrp+mj6b3dLj+iw+YjHMlw2V7dxf+qHQzQ+ym1cYEBUIm3wtlffmIhXFSiUT rN6cFzMvR3kIS3TipQwU44d3Pg77LDiKBE31lR/Vhuw9CDn0wCwT0dd/nl6obfGd9R++ bFOQ== X-Gm-Message-State: AOAM531wVfoOmFVKIs9/ig7DV5FiFX5Hf6lUxSOkEFOcEwKNgqF2J68V Vv+NQ4L5r4pH9IkJaVk3dwjwlG2q3Dg= X-Google-Smtp-Source: ABdhPJwpRX6IEaeHflaRzAjaIejpRWNM0QB0UvhcezAxXYevLJo5M/Lo2kntKkp6DBQVEQXT01I7Bw== X-Received: by 2002:a19:7ec4:: with SMTP id z187mr5903704lfc.468.1612798344020; Mon, 08 Feb 2021 07:32:24 -0800 (PST) Received: from drun:home-michalkazior-docker-linux-alpine.pl.plumewifi.com ([2a03:4b00:0:4:692:26ff:fed9:4198]) by smtp.gmail.com with ESMTPSA id h9sm2124518lfj.24.2021.02.08.07.32.23 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 08 Feb 2021 07:32:23 -0800 (PST) From: Michal Kazior To: hostap@lists.infradead.org Subject: [PATCH 3/3] DPP: prevent processing dpp action frames when stopped Date: Mon, 8 Feb 2021 15:32:07 +0000 Message-Id: <20210208153207.108755-3-kazikcz@gmail.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20210208153207.108755-1-kazikcz@gmail.com> References: <20210208153207.108755-1-kazikcz@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20210208_103225_907540_D3E8098B X-CRM114-Status: GOOD ( 14.28 ) X-Spam-Score: -0.2 (/) X-Spam-Report: SpamAssassin version 3.4.4 on merlin.infradead.org summary: Content analysis details: (-0.2 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2a00:1450:4864:20:0:0:0:12a listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider [kazikcz[at]gmail.com] -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Michal Kazior Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Michal Kazior DPP configurator params can be configured per interface. DPP listening can also be started and stopped per interface. However DPP rx processing was always doomed to process incomming frames even on interfaces which were not explicitly started to do DPP listen. This happened because not only the initial value but also because the dpp_allowed_roles could never be reset to 0. This would result in random failures in configuring Enrollees when running multiple AP interfaces if some of these APs happened to not have DPP configurator params set. Signed-off-by: Michal Kazior --- src/ap/dpp_hostapd.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/ap/dpp_hostapd.c b/src/ap/dpp_hostapd.c index e106df513..a787666cf 100644 --- a/src/ap/dpp_hostapd.c +++ b/src/ap/dpp_hostapd.c @@ -704,6 +704,7 @@ int hostapd_dpp_listen(struct hostapd_data *hapd, const char *cmd) void hostapd_dpp_listen_stop(struct hostapd_data *hapd) { + hapd->dpp_allowed_roles = 0; hostapd_drv_dpp_listen(hapd, false); /* TODO: Stop listen operation on non-operating channel */ } @@ -2226,7 +2227,7 @@ static int hostapd_dpp_add_controllers(struct hostapd_data *hapd) int hostapd_dpp_init(struct hostapd_data *hapd) { - hapd->dpp_allowed_roles = DPP_CAPAB_CONFIGURATOR | DPP_CAPAB_ENROLLEE; + hapd->dpp_allowed_roles = 0; hapd->dpp_init_done = 1; return hostapd_dpp_add_controllers(hapd); }