forked from espressif/esp-idf
Merge branch 'feature/okc_support' into 'master'
feat(wpa_supplicant): Add support for OKC Closes WIFIBUG-841 See merge request espressif/esp-idf!34873
This commit is contained in:
Kapil Gupta
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* SPDX-FileCopyrightText: 2023 Espressif Systems (Shanghai) CO LTD
|
||||
* SPDX-FileCopyrightText: 2023-2025 Espressif Systems (Shanghai) CO LTD
|
||||
*
|
||||
* SPDX-License-Identifier: Apache-2.0
|
||||
*/
|
||||
@@ -319,6 +319,13 @@ esp_err_t esp_eap_client_set_fast_params(esp_eap_fast_config config);
|
||||
*/
|
||||
esp_err_t esp_eap_client_use_default_cert_bundle(bool use_default_bundle);
|
||||
|
||||
/**
|
||||
* @brief Set Opportunistic key caching support for station.
|
||||
*
|
||||
* @param enable Boolean indicating whether to enable (true) or disable (false) OKC support.
|
||||
*/
|
||||
void esp_wifi_set_okc_support(bool enable);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* SPDX-FileCopyrightText: 2019-2024 Espressif Systems (Shanghai) CO LTD
|
||||
* SPDX-FileCopyrightText: 2019-2025 Espressif Systems (Shanghai) CO LTD
|
||||
*
|
||||
* SPDX-License-Identifier: Apache-2.0
|
||||
*/
|
||||
@@ -626,10 +626,10 @@ static int wpa2_start_eapol_internal(void)
|
||||
return ESP_FAIL;
|
||||
}
|
||||
|
||||
if (wpa_sta_cur_pmksa_matches_akm()) {
|
||||
if (wpa_sta_cur_pmksa_matches_akm() && wpa_sta_is_cur_pmksa_set()) {
|
||||
wpa_printf(MSG_DEBUG,
|
||||
"RSN: PMKSA caching - do not send EAPOL-Start");
|
||||
return ESP_FAIL;
|
||||
return ESP_OK;
|
||||
}
|
||||
|
||||
ret = esp_wifi_get_assoc_bssid_internal(bssid);
|
||||
@@ -815,12 +815,26 @@ static esp_err_t esp_client_enable_fn(void *arg)
|
||||
return ESP_OK;
|
||||
}
|
||||
|
||||
void esp_wifi_set_okc_support(bool enable)
|
||||
{
|
||||
struct wpa_sm *sm = &gWpaSm;
|
||||
if (enable) {
|
||||
sm->okc = 1;
|
||||
} else {
|
||||
sm->okc = 0;
|
||||
}
|
||||
wpa_printf(MSG_DEBUG, "OKC set to %d", sm->okc);
|
||||
}
|
||||
|
||||
esp_err_t esp_wifi_sta_enterprise_enable(void)
|
||||
{
|
||||
wifi_wpa2_param_t param;
|
||||
esp_err_t ret;
|
||||
struct wpa_sm *sm = &gWpaSm;
|
||||
|
||||
/* Enable opportunistic key caching support */
|
||||
esp_wifi_set_okc_support(true);
|
||||
|
||||
wpa2_api_lock();
|
||||
|
||||
if (wpa2_is_enabled()) {
|
||||
|
||||
@@ -37,6 +37,7 @@
|
||||
#include "common/sae.h"
|
||||
#include "esp_eap_client_i.h"
|
||||
#include "esp_wpa3_i.h"
|
||||
#include "eap_peer/eap.h"
|
||||
|
||||
/**
|
||||
* eapol_sm_notify_eap_success - Notification of external EAP success trigger
|
||||
@@ -376,7 +377,6 @@ static void wpa_sm_pmksa_free_cb(struct rsn_pmksa_cache_entry *entry,
|
||||
|
||||
|
||||
|
||||
|
||||
static int wpa_supplicant_get_pmk(struct wpa_sm *sm,
|
||||
const unsigned char *src_addr,
|
||||
const u8 *pmkid)
|
||||
@@ -681,7 +681,7 @@ void wpa_supplicant_process_1_of_4(struct wpa_sm *sm,
|
||||
|
||||
#ifdef CONFIG_ESP_WIFI_ENTERPRISE_SUPPORT
|
||||
if (is_wpa2_enterprise_connection()) {
|
||||
pmksa_cache_set_current(sm, NULL, sm->bssid, 0, 0);
|
||||
pmksa_cache_set_current(sm, NULL, sm->bssid, sm->okc ? (void*)sm->network_ctx : NULL, sm->okc);
|
||||
}
|
||||
#endif
|
||||
|
||||
@@ -2313,6 +2313,8 @@ int wpa_set_bss(char *macddr, char * bssid, u8 pairwise_cipher, u8 group_cipher,
|
||||
bool use_pmk_cache = !esp_wifi_skip_supp_pmkcaching();
|
||||
u8 assoc_rsnxe[20];
|
||||
size_t assoc_rsnxe_len = sizeof(assoc_rsnxe);
|
||||
bool reassoc_same_ess = false;
|
||||
int try_opportunistic = 0;
|
||||
|
||||
/* Incase AP has changed it's SSID, don't try with PMK caching for SAE connection */
|
||||
/* Ideally we should use network_ctx for this purpose however currently network profile block
|
||||
@@ -2324,6 +2326,16 @@ int wpa_set_bss(char *macddr, char * bssid, u8 pairwise_cipher, u8 group_cipher,
|
||||
(os_memcmp(sm->ssid, ssid, ssid_len) != 0)) {
|
||||
use_pmk_cache = false;
|
||||
}
|
||||
|
||||
if (os_memcmp(sm->ssid, ssid, ssid_len) == 0) {
|
||||
wpa_printf(MSG_DEBUG, "reassoc same ess and okc is %d", sm->okc);
|
||||
if (sm->okc == 1) {
|
||||
try_opportunistic = 1;
|
||||
}
|
||||
reassoc_same_ess = true;
|
||||
}
|
||||
sm->network_ctx = ssid;
|
||||
|
||||
sm->pairwise_cipher = BIT(pairwise_cipher);
|
||||
sm->group_cipher = BIT(group_cipher);
|
||||
sm->rx_replay_counter_set = 0; //init state not intall replay counter value
|
||||
@@ -2345,7 +2357,11 @@ int wpa_set_bss(char *macddr, char * bssid, u8 pairwise_cipher, u8 group_cipher,
|
||||
}
|
||||
}
|
||||
if (wpa_key_mgmt_supports_caching(sm->key_mgmt) && use_pmk_cache) {
|
||||
pmksa_cache_set_current(sm, NULL, (const u8*) bssid, 0, 0);
|
||||
if (reassoc_same_ess && wpa_key_mgmt_wpa_ieee8021x(sm->key_mgmt)) {
|
||||
pmksa_cache_set_current(sm, NULL, (const u8*) bssid, (void*)sm->network_ctx, try_opportunistic);
|
||||
} else {
|
||||
pmksa_cache_set_current(sm, NULL, (const u8*) bssid, 0, try_opportunistic);
|
||||
}
|
||||
wpa_sm_set_pmk_from_pmksa(sm);
|
||||
} else {
|
||||
if (pmksa) {
|
||||
|
||||
@@ -111,6 +111,7 @@ struct wpa_sm {
|
||||
u8 *assoc_resp_ies; /* MDIE and FTIE from (Re)Association Response */
|
||||
size_t assoc_resp_ies_len;
|
||||
#endif /* CONFIG_IEEE80211R */
|
||||
int okc; /* Used for trying Opportunistic Key Caching */
|
||||
#ifdef CONFIG_OWE_STA
|
||||
struct crypto_ecdh *owe_ecdh;
|
||||
u16 owe_group;
|
||||
|
||||
Reference in New Issue
Block a user