mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-11-28 18:28:23 -05:00
Add optional reassoc-to-same-BSS optimization
The new reassoc_same_bss_optim=1 configuration parameter can now be used to request wpa_supplicant to bypass the unnecessary Authentication frame exchange when reassociating back to the same BSS with which the device is already associated. This functionality is disabled by default since it may cause undesired interoperability issues with some APs. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
parent
c4da67deef
commit
59b416c733
@ -4185,6 +4185,7 @@ static const struct global_parse_data global_fields[] = {
|
||||
{ INT(preassoc_mac_addr), 0 },
|
||||
{ INT(key_mgmt_offload), 0},
|
||||
{ INT(passive_scan), 0 },
|
||||
{ INT(reassoc_same_bss_optim), 0 },
|
||||
};
|
||||
|
||||
#undef FUNC
|
||||
|
@ -1149,6 +1149,11 @@ struct wpa_config {
|
||||
* (scan_ssid=1) or P2P device discovery.
|
||||
*/
|
||||
int passive_scan;
|
||||
|
||||
/**
|
||||
* reassoc_same_bss_optim - Whether to optimize reassoc-to-same-BSS
|
||||
*/
|
||||
int reassoc_same_bss_optim;
|
||||
};
|
||||
|
||||
|
||||
|
@ -1233,6 +1233,10 @@ static void wpa_config_write_global(FILE *f, struct wpa_config *config)
|
||||
|
||||
if (config->passive_scan)
|
||||
fprintf(f, "passive_scan=%d\n", config->passive_scan);
|
||||
|
||||
if (config->reassoc_same_bss_optim)
|
||||
fprintf(f, "reassoc_same_bss_optim=%d\n",
|
||||
config->reassoc_same_bss_optim);
|
||||
}
|
||||
|
||||
#endif /* CONFIG_NO_CONFIG_WRITE */
|
||||
|
@ -207,6 +207,7 @@ static void sme_send_authentication(struct wpa_supplicant *wpa_s,
|
||||
struct wpabuf *resp = NULL;
|
||||
u8 ext_capab[18];
|
||||
int ext_capab_len;
|
||||
int skip_auth;
|
||||
|
||||
if (bss == NULL) {
|
||||
wpa_msg(wpa_s, MSG_ERROR, "SME: No scan result available for "
|
||||
@ -215,6 +216,8 @@ static void sme_send_authentication(struct wpa_supplicant *wpa_s,
|
||||
return;
|
||||
}
|
||||
|
||||
skip_auth = wpa_s->conf->reassoc_same_bss_optim &&
|
||||
wpa_s->reassoc_same_bss;
|
||||
wpa_s->current_bss = bss;
|
||||
|
||||
os_memset(¶ms, 0, sizeof(params));
|
||||
@ -465,7 +468,7 @@ static void sme_send_authentication(struct wpa_supplicant *wpa_s,
|
||||
sme_auth_handle_rrm(wpa_s, bss);
|
||||
|
||||
#ifdef CONFIG_SAE
|
||||
if (params.auth_alg == WPA_AUTH_ALG_SAE &&
|
||||
if (!skip_auth && params.auth_alg == WPA_AUTH_ALG_SAE &&
|
||||
pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid, ssid, 0) == 0)
|
||||
{
|
||||
wpa_dbg(wpa_s, MSG_DEBUG,
|
||||
@ -474,7 +477,7 @@ static void sme_send_authentication(struct wpa_supplicant *wpa_s,
|
||||
wpa_s->sme.sae_pmksa_caching = 1;
|
||||
}
|
||||
|
||||
if (params.auth_alg == WPA_AUTH_ALG_SAE) {
|
||||
if (!skip_auth && params.auth_alg == WPA_AUTH_ALG_SAE) {
|
||||
if (start)
|
||||
resp = sme_auth_build_sae_commit(wpa_s, ssid,
|
||||
bss->bssid);
|
||||
@ -532,6 +535,15 @@ static void sme_send_authentication(struct wpa_supplicant *wpa_s,
|
||||
}
|
||||
#endif /* CONFIG_P2P */
|
||||
|
||||
if (skip_auth) {
|
||||
wpa_msg(wpa_s, MSG_DEBUG,
|
||||
"SME: Skip authentication step on reassoc-to-same-BSS");
|
||||
wpabuf_free(resp);
|
||||
sme_associate(wpa_s, ssid->mode, bss->bssid, WLAN_AUTH_OPEN);
|
||||
return;
|
||||
}
|
||||
|
||||
|
||||
wpa_s->sme.auth_alg = params.auth_alg;
|
||||
if (wpa_drv_authenticate(wpa_s, ¶ms) < 0) {
|
||||
wpa_msg(wpa_s, MSG_INFO, "SME: Authentication request to the "
|
||||
|
Loading…
Reference in New Issue
Block a user