[PATCH/RFC] improve overlap detection and handling for P2P PBC

Vitaly Wool vitalywool
Tue Nov 29 13:46:08 PST 2011 

Hi Jouni,

On Tue, Nov 29, 2011 at 7:20 PM, Jouni Malinen <j at w1.fi> wrote:

> On Tue, Nov 29, 2011 at 05:36:26PM +0100, Vitaly Wool wrote:
> > I've been struggling to get my prototype P2P device to work with Samsung
> > Galaxy SII. The connection establishment kept failing with WPS_FAILURE
> and
> > it turned out to be due to overlap detected:
> >
> > 01-03 01:27:26.140 E/wpa_supplicant( 2455): WPS: Requested UUID -
> > hexdump(len=16): 22 21 02 03 04 05 06 07 08 09 1a 1b 1c 1d 1e 1f
> > 01-03 01:27:26.140 D/wpa_supplicant( 2455): WPS: Consider PBC session
> with
> > 06:46:65:d3:4a:54
> > 01-03 01:27:26.140 E/wpa_supplicant( 2455): WPS: UUID-E -
> hexdump(len=16):
> > 22 21 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f
> > 01-03 01:27:26.140 D/wpa_supplicant( 2455): WPS: New Enrollee
> > 01-03 01:27:26.140 D/wpa_supplicant( 2455): WPS: 2 active PBC session(s)
> > found
> > 01-03 01:27:26.140 D/wpa_supplicant( 2455): WPS: PBC overlap - deny PBC
> > negotiation
>
> Argh.. Is that the way this device works with a deployed software? That
> is a known bug in that specific WPS implementation and I was hoping that
> it would never get released in a real end user product.
>
> This is so broken on multiple levels.. Those UUIDs are supposed to be
> unique for each device (good luck with those hardcoded values being
> unique) and only a single UUID can be used by the device, but this
> device is using two different ones..
>
> > So Galaxy changes UUID for PBC negotiation but the thing is, it could
> have
> > been considered to be the same session because the MAC address is the
> same.
>
> Well, yes, it could have, but this is so horribly broken that I would
> like to just not allow it to use PBC.
>

Right, but OTOH, if we have this overlap detection skipping mechanism is
present in wpa_supplicant, let's either use it or drop it. I'd suggest that
we used it, maybe under a configuration option of some kind, maybe
producing warning messages in logs but still.


>
> > There is a mechanism to do so for P2P connections in wpa_supplicant but
> it
> > doesn't work because P2P MAC address is not passed over
> > to wps_registrar_skip_overlap(). This patch adds that and also fixes the
> > PBC session removal after the negotiation (the current version leaves the
> > session in the list if it doesn't match UUID, I suggest that we remove
> all
> > sessions for the given MAC).
>
> Could you please confirm that you are seeing this broken behavior with a
> deployed end user product and there are large number of those deployed?
> I don't think I would agree with all these changes since they break the
> way PBC overlap detection is supposed to work. If this bad behavior
> shows up in huge number of end user devices, it may be justifiable to
> add a workaround for it, but I want to limit the scope of how far the
> workaround goes in disabling overlap detection.
>
>
This broken behavior is seen with Samsung Galaxy SII, which is one of the
top 5 smartphone bestsellers all over the world, and it's gotten all the
latest updates. I'm not 100% sure yet but it looks like LG970 has gotten
the same problem, so it's fair to say that all the Wi-Fi Direct enabled
smartphones currently widely available on the market have got this problem.

Thanks,
   Vitaly
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/hostap/attachments/20111129/fade33d5/attachment-0001.htm

More information about the Hostap mailing list