From dbae199c4230bb236277a59c0b7a17b96a426d66 Mon Sep 17 00:00:00 2001 From: Sarvesh Bodakhe Date: Fri, 31 Jan 2025 17:11:53 +0530 Subject: [PATCH 1/2] revert(wifi): Revert support to recongize different WPA3 Authentication modes" This reverts commit 13055cbcec779915b335dfbe4056273afccfdb30. --- components/esp_wifi/include/esp_wifi_types.h | 7 +------ components/esp_wifi/lib | 2 +- examples/wifi/scan/main/scan.c | 6 ------ 3 files changed, 2 insertions(+), 13 deletions(-) diff --git a/components/esp_wifi/include/esp_wifi_types.h b/components/esp_wifi/include/esp_wifi_types.h index fe8fedef4a..5da5f13bbd 100644 --- a/components/esp_wifi/include/esp_wifi_types.h +++ b/components/esp_wifi/include/esp_wifi_types.h @@ -59,7 +59,7 @@ typedef struct { * @brief Wi-Fi authmode type * Strength of authmodes * Personal Networks : OPEN < WEP < WPA_PSK < OWE < WPA2_PSK = WPA_WPA2_PSK < WAPI_PSK < WPA3_PSK = WPA2_WPA3_PSK - * Enterprise Networks : WIFI_AUTH_WPA2_ENTERPRISE < WIFI_AUTH_WPA3_ENTERPRISE = WIFI_AUTH_WPA2_WPA3_ENTERPRISE < WIFI_AUTH_WPA3_ENT_192 + * Enterprise Networks : WIFI_AUTH_WPA2_ENTERPRISE < WIFI_AUTH_WPA3_ENT_192 */ typedef enum { WIFI_AUTH_OPEN = 0, /**< authenticate mode : open */ @@ -74,11 +74,6 @@ typedef enum { WIFI_AUTH_WAPI_PSK, /**< authenticate mode : WAPI_PSK */ WIFI_AUTH_OWE, /**< authenticate mode : OWE */ WIFI_AUTH_WPA3_ENT_192, /**< authenticate mode : WPA3_ENT_SUITE_B_192_BIT */ - WIFI_AUTH_DUMMY_1, /**< Dummy placeholder authenticate mode for WIFI_AUTH_WPA3_EXT_PSK */ - WIFI_AUTH_DUMMY_2, /**< Dummy placeholder authenticate mode for WIFI_AUTH_WPA3_EXT_PSK_MIXED_MODE */ - WIFI_AUTH_DUMMY_3, /**< Dummy placeholder authenticate mode for WIFI_AUTH_DPP */ - WIFI_AUTH_WPA3_ENTERPRISE, /**< authenticate mode : WPA3-Enterprise Only Mode */ - WIFI_AUTH_WPA2_WPA3_ENTERPRISE, /**< authenticate mode : WPA3-Enterprise Transition Mode */ WIFI_AUTH_MAX } wifi_auth_mode_t; diff --git a/components/esp_wifi/lib b/components/esp_wifi/lib index 5d6ba1d088..dc25b8a900 160000 --- a/components/esp_wifi/lib +++ b/components/esp_wifi/lib @@ -1 +1 @@ -Subproject commit 5d6ba1d088512ef918e3d274214cc395e407d85c +Subproject commit dc25b8a90005a7ba2b957ebbb3258269676f30ba diff --git a/examples/wifi/scan/main/scan.c b/examples/wifi/scan/main/scan.c index b77ccf6268..07520a4e0b 100644 --- a/examples/wifi/scan/main/scan.c +++ b/examples/wifi/scan/main/scan.c @@ -52,12 +52,6 @@ static void print_auth_mode(int authmode) case WIFI_AUTH_WPA2_WPA3_PSK: ESP_LOGI(TAG, "Authmode \tWIFI_AUTH_WPA2_WPA3_PSK"); break; - case WIFI_AUTH_WPA3_ENTERPRISE: - ESP_LOGI(TAG, "Authmode \tWIFI_AUTH_WPA3_ENTERPRISE"); - break; - case WIFI_AUTH_WPA2_WPA3_ENTERPRISE: - ESP_LOGI(TAG, "Authmode \tWIFI_AUTH_WPA2_WPA3_ENTERPRISE"); - break; case WIFI_AUTH_WPA3_ENT_192: ESP_LOGI(TAG, "Authmode \tWIFI_AUTH_WPA3_ENT_192"); break; From 2665028530fcfc831eab29cd78be35cff5e992ea Mon Sep 17 00:00:00 2001 From: Sarvesh Bodakhe Date: Tue, 24 Dec 2024 13:29:22 +0530 Subject: [PATCH 2/2] feat(wpa_supplicant): Add WIFI_EVENT_AP_WRONG_PASSWORD in SoftAP This event is triggered when external station tries connecting to softAP with wrong password. Currently supported softAP AUTH modes: WPA-PSK, WPA2-PSK and WPA3-PSK (SAE-auth) --- components/esp_wifi/include/esp_wifi_types.h | 7 +++++++ components/wpa_supplicant/src/ap/ieee802_11.c | 4 ++++ components/wpa_supplicant/src/ap/wpa_auth.c | 4 ++++ 3 files changed, 15 insertions(+) diff --git a/components/esp_wifi/include/esp_wifi_types.h b/components/esp_wifi/include/esp_wifi_types.h index 5da5f13bbd..c23a43f9d2 100644 --- a/components/esp_wifi/include/esp_wifi_types.h +++ b/components/esp_wifi/include/esp_wifi_types.h @@ -914,6 +914,8 @@ typedef enum { WIFI_EVENT_NDP_CONFIRM, /**< NDP Confirm Indication */ WIFI_EVENT_NDP_TERMINATED, /**< NAN Datapath terminated indication */ + WIFI_EVENT_AP_WRONG_PASSWORD, /**< a station tried to connect with wrong password */ + WIFI_EVENT_MAX, /**< Invalid WiFi event ID */ } wifi_event_t; @@ -1146,6 +1148,11 @@ typedef struct { bool dcm; /**< Using dcm rate to send frame */ } wifi_tx_rate_config_t; +/** Argument structure for WIFI_EVENT_AP_WRONG_PASSWORD event */ +typedef struct { + uint8_t mac[6]; /**< MAC address of the station trying to connect to Soft-AP */ +} wifi_event_ap_wrong_password_t; + #ifdef __cplusplus } #endif diff --git a/components/wpa_supplicant/src/ap/ieee802_11.c b/components/wpa_supplicant/src/ap/ieee802_11.c index 9fad4fd34d..a2f5365a46 100644 --- a/components/wpa_supplicant/src/ap/ieee802_11.c +++ b/components/wpa_supplicant/src/ap/ieee802_11.c @@ -624,6 +624,10 @@ int handle_auth_sae(struct hostapd_data *hapd, struct sta_info *sta, if (sae_check_confirm(sta->sae, buf, len) < 0) { resp = WLAN_STATUS_CHALLENGE_FAIL; + wifi_event_ap_wrong_password_t evt = {0}; + os_memcpy(evt.mac, bssid, ETH_ALEN); + esp_event_post(WIFI_EVENT, WIFI_EVENT_AP_WRONG_PASSWORD, &evt, + sizeof(evt), 0); goto reply; } sta->sae->rc = peer_send_confirm; diff --git a/components/wpa_supplicant/src/ap/wpa_auth.c b/components/wpa_supplicant/src/ap/wpa_auth.c index 58748a85ff..18a5069fb3 100644 --- a/components/wpa_supplicant/src/ap/wpa_auth.c +++ b/components/wpa_supplicant/src/ap/wpa_auth.c @@ -1668,6 +1668,10 @@ SM_STATE(WPA_PTK, PTKCALCNEGOTIATING) if (!ok) { wpa_printf(MSG_INFO, "invalid MIC in msg 2/4 of 4-Way Handshake"); + wifi_event_ap_wrong_password_t evt = {0}; + os_memcpy(evt.mac, sm->addr, ETH_ALEN); + esp_event_post(WIFI_EVENT, WIFI_EVENT_AP_WRONG_PASSWORD, &evt, + sizeof(evt), 0); return; }