WPS: Fix clear-from-timeout handling to avoid race condition

The 100 ms timeout to clear WPS state after EAP-Failure has been
received worked otherwise fine, but it opened a race condition on
another WPS operation starting within that wait. If that happens, the
timeout will cancel that new operation unexpectedly. Fix this by
cancelling the timeout from wpas_clear_wps().

Signed-hostap: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2014-01-01 22:00:09 +02:00
parent 3bdf7d7f67
commit 5890fa81d8

View file

@ -866,6 +866,7 @@ static void wpas_clear_wps(struct wpa_supplicant *wpa_s)
wpas_wps_reenable_networks(wpa_s); wpas_wps_reenable_networks(wpa_s);
eloop_cancel_timeout(wpas_wps_timeout, wpa_s, NULL); eloop_cancel_timeout(wpas_wps_timeout, wpa_s, NULL);
eloop_cancel_timeout(wpas_wps_clear_timeout, wpa_s, NULL);
/* Remove any existing WPS network from configuration */ /* Remove any existing WPS network from configuration */
ssid = wpa_s->conf->ssid; ssid = wpa_s->conf->ssid;
@ -1135,6 +1136,9 @@ int wpas_wps_cancel(struct wpa_supplicant *wpa_s)
} else { } else {
wpas_wps_reenable_networks(wpa_s); wpas_wps_reenable_networks(wpa_s);
wpas_wps_clear_ap_info(wpa_s); wpas_wps_clear_ap_info(wpa_s);
if (eloop_cancel_timeout(wpas_wps_clear_timeout, wpa_s, NULL) >
0)
wpas_clear_wps(wpa_s);
} }
wpa_s->after_wps = 0; wpa_s->after_wps = 0;