Merge branch 'bugfix/dpp_listen_bugs_v5.0' into 'release/v5.0'

fix(wpa_supplicant): Fix few bugs in dpp(v5.0)

See merge request espressif/esp-idf!26794

Author: jack0c

components/esp_common/src/esp_err_to_name.c

@@ -392,6 +392,9 @@ static const esp_err_msg_t esp_err_msg_table[] = {
 #   endif
 #   ifdef      ESP_ERR_WIFI_DISCARD
     ERR_TBL_IT(ESP_ERR_WIFI_DISCARD),                           /* 12311 0x3017 Discard frame */
+#   endif
+#   ifdef      ESP_ERR_WIFI_ROC_IN_PROGRESS
+    ERR_TBL_IT(ESP_ERR_WIFI_ROC_IN_PROGRESS),                   /* 12312 0x3018 ROC op is in progress */
 #   endif
     // components/wpa_supplicant/esp_supplicant/include/esp_wps.h
 #   ifdef      ESP_ERR_WIFI_REGISTRAR
@@ -440,6 +443,9 @@ static const esp_err_msg_t esp_err_msg_table[] = {
 #   endif
 #   ifdef      ESP_ERR_DPP_INVALID_ATTR
     ERR_TBL_IT(ESP_ERR_DPP_INVALID_ATTR),                       /* 12441 0x3099 Encountered invalid DPP Attribute */
+#   endif
+#   ifdef      ESP_ERR_DPP_AUTH_TIMEOUT
+    ERR_TBL_IT(ESP_ERR_DPP_AUTH_TIMEOUT),                       /* 12442 0x309a DPP Auth response was not recieved in time */
 #   endif
     // components/esp_common/include/esp_err.h
 #   ifdef      ESP_ERR_MESH_BASE

components/esp_wifi/include/esp_wifi.h

@@ -83,6 +83,8 @@ extern "C" {
 #define ESP_ERR_WIFI_NOT_ASSOC   (ESP_ERR_WIFI_BASE + 21)  /*!< The WiFi connection is not associated */
 #define ESP_ERR_WIFI_TX_DISALLOW (ESP_ERR_WIFI_BASE + 22)  /*!< The WiFi TX is disallowed */
 #define ESP_ERR_WIFI_DISCARD     (ESP_ERR_WIFI_BASE + 23)  /*!< Discard frame */
+#define ESP_ERR_WIFI_ROC_IN_PROGRESS     (ESP_ERR_WIFI_BASE + 24)  /*!< ROC op is in progress */
+
 /**
  * @brief WiFi stack configuration parameters passed to esp_wifi_init call.
  */

components/esp_wifi/lib

@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2020-2022 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2020-2023 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */
@@ -15,10 +15,12 @@
 extern "C" {
 #endif
 
+#define ESP_DPP_AUTH_TIMEOUT_SECS 1
+
 #define ESP_ERR_DPP_FAILURE         (ESP_ERR_WIFI_BASE + 151)   /*!< Generic failure during DPP Operation */
 #define ESP_ERR_DPP_TX_FAILURE      (ESP_ERR_WIFI_BASE + 152)   /*!< DPP Frame Tx failed OR not Acked */
 #define ESP_ERR_DPP_INVALID_ATTR    (ESP_ERR_WIFI_BASE + 153)   /*!< Encountered invalid DPP Attribute */
-
+#define ESP_ERR_DPP_AUTH_TIMEOUT    (ESP_ERR_WIFI_BASE + 154)   /*!< DPP Auth response was not recieved in time */
 /** @brief Types of Bootstrap Methods for DPP. */
 typedef enum dpp_bootstrap_type {
     DPP_BOOTSTRAP_QR_CODE,  /**< QR Code Method */

components/wpa_supplicant/esp_supplicant/include/esp_dpp.h

@@ -6,6 +6,7 @@
 
 #include "utils/includes.h"
 #include "utils/common.h"
+#include "utils/eloop.h"
 #include "common/defs.h"
 
 #include "esp_dpp_i.h"
@@ -21,8 +22,7 @@ static void *s_dpp_task_hdl = NULL;
 static void *s_dpp_evt_queue = NULL;
 static void *s_dpp_api_lock = NULL;
 
-static bool s_dpp_stop_listening;
-static int s_dpp_auth_retries;
+static bool s_dpp_listen_in_progress;
 static struct esp_dpp_context_t s_dpp_ctx;
 static wifi_action_rx_cb_t s_action_rx_cb = esp_supp_rx_action;
 
@@ -37,6 +37,7 @@ struct action_rx_param {
     struct ieee80211_action *action_frm;
 };
 
+
 static int esp_dpp_post_evt(uint32_t evt_id, uint32_t data)
 {
     dpp_event_t *evt = os_zalloc(sizeof(dpp_event_t));
@@ -73,9 +74,27 @@ static int esp_dpp_post_evt(uint32_t evt_id, uint32_t data)
 
 static void esp_dpp_call_cb(esp_supp_dpp_event_t evt, void *data)
 {
+    if ( evt == ESP_SUPP_DPP_FAIL && s_dpp_ctx.dpp_auth) {
+        dpp_auth_deinit(s_dpp_ctx.dpp_auth);
+        s_dpp_ctx.dpp_auth = NULL;
+    }
     s_dpp_ctx.dpp_event_cb(evt, data);
 }
 
+static void esp_dpp_auth_conf_wait_timeout(void *eloop_ctx, void *timeout_ctx)
+{
+    if (!s_dpp_ctx.dpp_auth || !s_dpp_ctx.dpp_auth->waiting_auth_conf)
+        return;
+
+    wpa_printf(MSG_DEBUG,
+           "DPP: Terminate authentication exchange due to Auth Confirm timeout");
+    if (s_dpp_ctx.dpp_auth) {
+        dpp_auth_deinit(s_dpp_ctx.dpp_auth);
+        s_dpp_ctx.dpp_auth = NULL;
+    }
+    esp_dpp_call_cb(ESP_SUPP_DPP_FAIL, (void *)ESP_ERR_DPP_AUTH_TIMEOUT);
+}
+
 void esp_send_action_frame(uint8_t *dest_mac, const uint8_t *buf, uint32_t len,
                            uint8_t channel, uint32_t wait_time_ms)
 {
@@ -141,15 +160,20 @@ static void esp_dpp_rx_auth_req(struct action_rx_param *rx_param, uint8_t *dpp_d
         rc = ESP_ERR_DPP_INVALID_ATTR;
         goto fail;
     }
-
+    if (s_dpp_ctx.dpp_auth) {
+        wpa_printf(MSG_DEBUG, "DPP: Already in DPP authentication exchange - ignore new one");
+        return;
+    }
     s_dpp_ctx.dpp_auth = dpp_auth_req_rx(NULL, DPP_CAPAB_ENROLLEE, 0, NULL,
                                          own_bi, rx_param->channel,
                                          (const u8 *)&rx_param->action_frm->u.public_action.v, dpp_data, len);
     os_memcpy(s_dpp_ctx.dpp_auth->peer_mac_addr, rx_param->sa, ETH_ALEN);
-
     esp_send_action_frame(rx_param->sa, wpabuf_head(s_dpp_ctx.dpp_auth->resp_msg),
                           wpabuf_len(s_dpp_ctx.dpp_auth->resp_msg),
                           rx_param->channel, OFFCHAN_TX_WAIT_TIME);
+    eloop_cancel_timeout(esp_dpp_auth_conf_wait_timeout, NULL,NULL);
+    eloop_register_timeout(ESP_DPP_AUTH_TIMEOUT_SECS, 0, esp_dpp_auth_conf_wait_timeout,NULL, NULL);
+
     return;
 fail:
     esp_dpp_call_cb(ESP_SUPP_DPP_FAIL, (void *)rc);
@@ -203,7 +227,7 @@ static int esp_dpp_handle_config_obj(struct dpp_authentication *auth,
         wpa_printf(MSG_INFO, DPP_EVENT_CONNECTOR "%s",
                    conf->connector);
     }
-    s_dpp_stop_listening = false;
+    s_dpp_listen_in_progress = true;
     esp_wifi_action_tx_req(WIFI_OFFCHAN_TX_CANCEL, 0, 0, NULL);
     esp_dpp_call_cb(ESP_SUPP_DPP_CFG_RECVD, wifi_cfg);
 
@@ -234,6 +258,8 @@ static void esp_dpp_rx_auth_conf(struct action_rx_param *rx_param, uint8_t *dpp_
         goto fail;
     }
 
+    eloop_cancel_timeout(esp_dpp_auth_conf_wait_timeout, NULL, NULL);
+
     if (dpp_auth_conf_rx(auth, (const u8 *)&public_action->v,
                          dpp_data, len) < 0) {
         wpa_printf(MSG_DEBUG, "DPP: Authentication failed");
@@ -283,7 +309,7 @@ static void gas_query_resp_rx(struct action_rx_param *rx_param)
     int i, res;
 
     if (pos[1] == WLAN_EID_VENDOR_SPECIFIC && pos[2] == 5 &&
-            WPA_GET_BE24(&pos[3]) == OUI_WFA && pos[6] == 0x1a && pos[7] == 1) {
+            WPA_GET_BE24(&pos[3]) == OUI_WFA && pos[6] == 0x1a && pos[7] == 1 && auth) {
         if (dpp_conf_resp_rx(auth, resp, rx_param->vendor_data_len - 2) < 0) {
             wpa_printf(MSG_DEBUG, "DPP: Configuration attempt failed");
             goto fail;
@@ -319,7 +345,7 @@ static void esp_dpp_rx_action(struct action_rx_param *rx_param)
                                         (size_t)(public_action->v.pa_vendor_spec.vendor_data -
                                                  (u8 *)rx_param->action_frm);
 
-            if (!s_dpp_stop_listening) {
+            if (s_dpp_listen_in_progress) {
                 esp_supp_dpp_stop_listen();
             }
 
@@ -356,6 +382,21 @@ static void esp_dpp_task(void *pvParameters )
 
             switch (evt->id) {
             case SIG_DPP_DEL_TASK:
+                struct dpp_bootstrap_params_t *params = &s_dpp_ctx.bootstrap_params;
+                eloop_cancel_timeout(esp_dpp_auth_conf_wait_timeout, NULL, NULL);
+                if (params->info) {
+                    os_free(params->info);
+                    params->info = NULL;
+                }
+
+                if (s_dpp_ctx.dpp_global) {
+                    dpp_global_deinit(s_dpp_ctx.dpp_global);
+                    s_dpp_ctx.dpp_global = NULL;
+                }
+                if (s_dpp_ctx.dpp_auth) {
+                    dpp_auth_deinit(s_dpp_ctx.dpp_auth);
+                    s_dpp_ctx.dpp_auth = NULL;
+                }
                 task_del = true;
                 break;
 
@@ -380,14 +421,20 @@ static void esp_dpp_task(void *pvParameters )
                 struct dpp_bootstrap_params_t *p = &s_dpp_ctx.bootstrap_params;
                 static int counter;
                 int channel;
+                esp_err_t ret = 0;
 
                 if (p->num_chan <= 0) {
                     wpa_printf(MSG_ERROR, "Listen channel not set");
                     break;
                 }
                 channel = p->chan_list[counter++ % p->num_chan];
-                esp_wifi_remain_on_channel(WIFI_IF_STA, WIFI_ROC_REQ, channel,
+                ret = esp_wifi_remain_on_channel(WIFI_IF_STA, WIFI_ROC_REQ, channel,
                                            BOOTSTRAP_ROC_WAIT_TIME, s_action_rx_cb);
+                if (ret != ESP_OK) {
+                    wpa_printf(MSG_ERROR, "Failed ROC. error : 0x%x", ret);
+                    break;
+                }
+                s_dpp_listen_in_progress = true;
             }
             break;
 
@@ -460,13 +507,14 @@ static void offchan_event_handler(void *arg, esp_event_base_t event_base,
                    evt->status, (uint32_t)evt->context);
 
         if (evt->status) {
+            eloop_cancel_timeout(esp_dpp_auth_conf_wait_timeout, NULL, NULL);
             esp_dpp_call_cb(ESP_SUPP_DPP_FAIL, (void *)ESP_ERR_DPP_TX_FAILURE);
         }
 
     } else if (event_id == WIFI_EVENT_ROC_DONE) {
         wifi_event_roc_done_t *evt = (wifi_event_roc_done_t *)event_data;
 
-        if (!s_dpp_stop_listening && evt->context == (uint32_t)s_action_rx_cb) {
+        if (s_dpp_listen_in_progress && evt->context == (uint32_t)s_action_rx_cb) {
             esp_dpp_post_evt(SIG_DPP_LISTEN_NEXT_CHANNEL, 0);
         }
     }
@@ -591,6 +639,11 @@ esp_supp_dpp_bootstrap_gen(const char *chan_list, enum dpp_bootstrap_type type,
 
 esp_err_t esp_supp_dpp_start_listen(void)
 {
+    if (s_dpp_listen_in_progress) {
+        wpa_printf(MSG_ERROR, "DPP: Failed to start listen as listen is already in progress.");
+        return ESP_FAIL;
+    }
+
     if (!s_dpp_ctx.dpp_global || s_dpp_ctx.id < 1) {
         wpa_printf(MSG_ERROR, "DPP: failed to start listen as dpp not initialized or bootstrapped.");
         return ESP_FAIL;
@@ -601,13 +654,12 @@ esp_err_t esp_supp_dpp_start_listen(void)
         return ESP_ERR_INVALID_STATE;
     }
 
-    s_dpp_stop_listening = false;
     return esp_dpp_post_evt(SIG_DPP_LISTEN_NEXT_CHANNEL, 0);
 }
 
 void esp_supp_dpp_stop_listen(void)
 {
-    s_dpp_stop_listening = true;
+    s_dpp_listen_in_progress = false;
     esp_wifi_remain_on_channel(WIFI_IF_STA, WIFI_ROC_CANCEL, 0, 0, NULL);
 }
 
@@ -618,6 +670,7 @@ bool is_dpp_enabled(void)
 
 esp_err_t esp_supp_dpp_init(esp_supp_dpp_event_cb_t cb)
 {
+    esp_err_t ret = ESP_OK;
     wifi_mode_t mode = 0;
     if (esp_wifi_get_mode(&mode) || ((mode != WIFI_MODE_STA) && (mode != WIFI_MODE_APSTA))) {
         wpa_printf(MSG_ERROR, "DPP: failed to init as not in station mode.");
@@ -632,30 +685,41 @@ esp_err_t esp_supp_dpp_init(esp_supp_dpp_event_cb_t cb)
         wpa_printf(MSG_ERROR, "DPP: failed to init as init already done.");
         return ESP_FAIL;
     }
-    struct dpp_global_config cfg = {0};
-    int ret;
 
     os_bzero(&s_dpp_ctx, sizeof(s_dpp_ctx));
-    s_dpp_ctx.dpp_event_cb = cb;
-
+    struct dpp_global_config cfg = {0};
     cfg.cb_ctx = &s_dpp_ctx;
     cfg.msg_ctx = &s_dpp_ctx;
     s_dpp_ctx.dpp_global = dpp_global_init(&cfg);
+    if (!s_dpp_ctx.dpp_global) {
+        wpa_printf(MSG_ERROR, "DPP: failed to allocate memory for dpp_global");
+        ret = ESP_ERR_NO_MEM;
+        goto init_fail;
+    }
+
+    s_dpp_api_lock = os_recursive_mutex_create();
+    if (!s_dpp_api_lock) {
+        wpa_printf(MSG_ERROR, "DPP: dpp_init: failed to create DPP API lock");
+        ret = ESP_ERR_NO_MEM;
+        goto init_fail;
+    }
 
-    s_dpp_stop_listening = false;
     s_dpp_evt_queue = os_queue_create(3, sizeof(dpp_event_t));
+    if (!s_dpp_evt_queue) {
+        wpa_printf(MSG_ERROR, "DPP: dpp_init: failed to create DPP API queue");
+        ret = ESP_ERR_NO_MEM;
+        goto init_fail;
+    }
+
     ret = os_task_create(esp_dpp_task, "dppT", DPP_TASK_STACK_SIZE, NULL, 2, &s_dpp_task_hdl);
     if (ret != TRUE) {
         wpa_printf(MSG_ERROR, "DPP: failed to create task");
-        return ESP_FAIL;
+        ret = ESP_ERR_NO_MEM;
+        goto init_fail;
     }
 
-    s_dpp_api_lock = os_recursive_mutex_create();
-    if (!s_dpp_api_lock) {
-        esp_supp_dpp_deinit();
-        wpa_printf(MSG_ERROR, "DPP: dpp_init: failed to create DPP API lock");
-        return ESP_ERR_NO_MEM;
-    }
+    s_dpp_listen_in_progress = false;
+    s_dpp_ctx.dpp_event_cb = cb;
 
     esp_event_handler_register(WIFI_EVENT, WIFI_EVENT_ACTION_TX_STATUS,
                                &offchan_event_handler, NULL);
@@ -665,25 +729,32 @@ esp_err_t esp_supp_dpp_init(esp_supp_dpp_event_cb_t cb)
     wpa_printf(MSG_INFO, "esp_dpp_task prio:%d, stack:%d\n", 2, DPP_TASK_STACK_SIZE);
 
     return ESP_OK;
+init_fail:
+    if (s_dpp_ctx.dpp_global) {
+        dpp_global_deinit(s_dpp_ctx.dpp_global);
+        s_dpp_ctx.dpp_global = NULL;
+    }
+    if (s_dpp_api_lock) {
+        os_semphr_delete(s_dpp_api_lock);
+        s_dpp_api_lock = NULL;
+    }
+    if (s_dpp_evt_queue) {
+        os_queue_delete(s_dpp_evt_queue);
+        s_dpp_evt_queue = NULL;
+    }
+    return ret;
 }
-
 void esp_supp_dpp_deinit(void)
 {
-    struct dpp_bootstrap_params_t *params = &s_dpp_ctx.bootstrap_params;
-    if (params->info) {
-        os_free(params->info);
-        params->info = NULL;
-    }
 
     esp_event_handler_unregister(WIFI_EVENT, WIFI_EVENT_ACTION_TX_STATUS,
                                &offchan_event_handler);
     esp_event_handler_unregister(WIFI_EVENT, WIFI_EVENT_ROC_DONE,
                                &offchan_event_handler);
-    s_dpp_auth_retries = 0;
     if (s_dpp_ctx.dpp_global) {
-        dpp_global_deinit(s_dpp_ctx.dpp_global);
-        s_dpp_ctx.dpp_global = NULL;
-        esp_dpp_post_evt(SIG_DPP_DEL_TASK, 0);
+        if (esp_dpp_post_evt(SIG_DPP_DEL_TASK, 0)) {
+            wpa_printf(MSG_ERROR, "DPP Deinit Failed");
+        }
     }
 }
 #endif