From d0bf6f54bdf388403aabf09fec5860d2a5c14008 Mon Sep 17 00:00:00 2001 From: Kapil Gupta Date: Mon, 9 Jun 2025 13:08:38 +0530 Subject: [PATCH] fix(wpa_supplicant): Delay sending of EAP_START for EAP auth --- .../esp_supplicant/src/esp_eap_client.c | 27 ++++++++++++++++--- .../wpa_supplicant/src/eap_peer/eap_i.h | 1 + 2 files changed, 24 insertions(+), 4 deletions(-) diff --git a/components/wpa_supplicant/esp_supplicant/src/esp_eap_client.c b/components/wpa_supplicant/esp_supplicant/src/esp_eap_client.c index 94d0b0bd5f..10896520a9 100644 --- a/components/wpa_supplicant/esp_supplicant/src/esp_eap_client.c +++ b/components/wpa_supplicant/esp_supplicant/src/esp_eap_client.c @@ -60,6 +60,7 @@ static struct eap_sm *gEapSm = NULL; static int eap_peer_sm_init(void); static void eap_peer_sm_deinit(void); +static void eap_start_eapol(void *ctx, void *data); static int eap_sm_rx_eapol_internal(u8 *src_addr, u8 *buf, u32 len, uint8_t *bssid); static int wpa2_start_eapol_internal(void); @@ -529,6 +530,10 @@ static int eap_sm_rx_eapol_internal(u8 *src_addr, u8 *buf, u32 len, uint8_t *bss return ESP_FAIL; } + if (!sm->eap_process_started) { + sm->eap_process_started = true; + eloop_cancel_timeout(eap_start_eapol, NULL, NULL); + } if (len < sizeof(*hdr) + sizeof(*ehdr)) { wpa_printf(MSG_DEBUG, "WPA: EAPOL frame too short to be a WPA " "EAPOL-Key (len %lu, expecting at least %lu)", @@ -612,15 +617,28 @@ _out: return ret; } -static int wpa2_start_eapol(void) +static void eap_start_eapol(void *ctx, void *data) { #ifdef USE_WPA2_TASK - return wpa2_post(SIG_WPA2_START, 0); + wpa2_post(SIG_WPA2_START, 0); #else - return wpa2_start_eapol_internal(); + wpa2_start_eapol_internal(); #endif } +static int eap_start_eapol_timer(void) +{ + /* + * Do not send EAPOL-Start immediately since in most cases, + * Authenticator is going to start authentication immediately + * after association and an extra EAPOL-Start is just going to + * delay authentication. Use a short timeout to send the first + * EAPOL-Start if Authenticator does not start authentication. + */ + eloop_register_timeout(2, 0, eap_start_eapol, NULL, NULL); + return 0; +} + static int wpa2_start_eapol_internal(void) { struct eap_sm *sm = gEapSm; @@ -739,6 +757,7 @@ static int eap_peer_sm_init(void) wpa_printf(MSG_INFO, "wifi_task prio:%d, stack:%d", WPA2_TASK_PRIORITY, WPA2_TASK_STACK_SIZE); #endif sm->workaround = 1; + sm->eap_process_started = false; return ESP_OK; _err: @@ -806,7 +825,7 @@ static esp_err_t esp_client_enable_fn(void *arg) } wpa2_cb->wpa2_sm_rx_eapol = wpa2_ent_rx_eapol; - wpa2_cb->wpa2_start = wpa2_start_eapol; + wpa2_cb->wpa2_start = eap_start_eapol_timer; wpa2_cb->wpa2_init = eap_peer_sm_init; wpa2_cb->wpa2_deinit = eap_peer_sm_deinit; diff --git a/components/wpa_supplicant/src/eap_peer/eap_i.h b/components/wpa_supplicant/src/eap_peer/eap_i.h index fec7856714..ca4f3a277a 100644 --- a/components/wpa_supplicant/src/eap_peer/eap_i.h +++ b/components/wpa_supplicant/src/eap_peer/eap_i.h @@ -311,6 +311,7 @@ struct eap_sm { size_t eapKeyDataLen; struct wpabuf *lastRespData; const struct eap_method *m; + bool eap_process_started; }; typedef enum {