Home Explore Help
Register Sign In
wareck
/
krackattacks
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Add optional reassoc-to-same-BSS optimization

The new reassoc_same_bss_optim=1 configuration parameter can now be used
to request wpa_supplicant to bypass the unnecessary Authentication frame
exchange when reassociating back to the same BSS with which the device
is already associated. This functionality is disabled by default since
it may cause undesired interoperability issues with some APs.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen 10 years ago
parent
c4da67deef
commit
59b416c733
4 changed files with 24 additions and 2 deletions
Split View Show Diff Stats
  1. 1 0
      wpa_supplicant/config.c
  2. 5 0
      wpa_supplicant/config.h
  3. 4 0
      wpa_supplicant/config_file.c
  4. 14 2
      wpa_supplicant/sme.c

+ 1 - 0
wpa_supplicant/config.c
View File 

@@ -4185,6 +4185,7 @@ static const struct global_parse_data global_fields[] = {
 
 	{ INT(preassoc_mac_addr), 0 },
 
 	{ INT(key_mgmt_offload), 0},
 
 	{ INT(passive_scan), 0 },
 
+	{ INT(reassoc_same_bss_optim), 0 },
 
 };
 
 
 #undef FUNC

+ 5 - 0
wpa_supplicant/config.h
View File 

@@ -1149,6 +1149,11 @@ struct wpa_config {
 
 	 * (scan_ssid=1) or P2P device discovery.
 
 	 */
 
 	int passive_scan;
 
+
 
+	/**
 
+	 * reassoc_same_bss_optim - Whether to optimize reassoc-to-same-BSS
 
+	 */
 
+	int reassoc_same_bss_optim;
 
 };

+ 4 - 0
wpa_supplicant/config_file.c
View File 

@@ -1233,6 +1233,10 @@ static void wpa_config_write_global(FILE *f, struct wpa_config *config)
 
 
 	if (config->passive_scan)
 
 		fprintf(f, "passive_scan=%d\n", config->passive_scan);
 
+
 
+	if (config->reassoc_same_bss_optim)
 
+		fprintf(f, "reassoc_same_bss_optim=%d\n",
 
+			config->reassoc_same_bss_optim);
 
 }
 
 
 #endif /* CONFIG_NO_CONFIG_WRITE */

+ 14 - 2
wpa_supplicant/sme.c
View File 

@@ -207,6 +207,7 @@ static void sme_send_authentication(struct wpa_supplicant *wpa_s,
 
 	struct wpabuf *resp = NULL;
 
 	u8 ext_capab[18];
 
 	int ext_capab_len;
 
+	int skip_auth;
 
 
 	if (bss == NULL) {
 
 		wpa_msg(wpa_s, MSG_ERROR, "SME: No scan result available for "
 
@@ -215,6 +216,8 @@ static void sme_send_authentication(struct wpa_supplicant *wpa_s,
 
 		return;
 
 	}
 
 
+	skip_auth = wpa_s->conf->reassoc_same_bss_optim &&
 
+		wpa_s->reassoc_same_bss;
 
 	wpa_s->current_bss = bss;
 
 
 	os_memset(&params, 0, sizeof(params));
 
@@ -465,7 +468,7 @@ static void sme_send_authentication(struct wpa_supplicant *wpa_s,
 
 	sme_auth_handle_rrm(wpa_s, bss);
 
 
 #ifdef CONFIG_SAE
 
-	if (params.auth_alg == WPA_AUTH_ALG_SAE &&
 
+	if (!skip_auth && params.auth_alg == WPA_AUTH_ALG_SAE &&
 
 	    pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid, ssid, 0) == 0)
 
 	{
 
 		wpa_dbg(wpa_s, MSG_DEBUG,
 
@@ -474,7 +477,7 @@ static void sme_send_authentication(struct wpa_supplicant *wpa_s,
 
 		wpa_s->sme.sae_pmksa_caching = 1;
 
 	}
 
 
-	if (params.auth_alg == WPA_AUTH_ALG_SAE) {
 
+	if (!skip_auth && params.auth_alg == WPA_AUTH_ALG_SAE) {
 
 		if (start)
 
 			resp = sme_auth_build_sae_commit(wpa_s, ssid,
 
 							 bss->bssid);
 
@@ -532,6 +535,15 @@ static void sme_send_authentication(struct wpa_supplicant *wpa_s,
 
 	}
 
 #endif /* CONFIG_P2P */
 
 
+	if (skip_auth) {
 
+		wpa_msg(wpa_s, MSG_DEBUG,
 
+			"SME: Skip authentication step on reassoc-to-same-BSS");
 
+		wpabuf_free(resp);
 
+		sme_associate(wpa_s, ssid->mode, bss->bssid, WLAN_AUTH_OPEN);
 
+		return;
 
+	}
 
+
 
+
 
 	wpa_s->sme.auth_alg = params.auth_alg;
 
 	if (wpa_drv_authenticate(wpa_s, &params) < 0) {
 
 		wpa_msg(wpa_s, MSG_INFO, "SME: Authentication request to the "