From 6e2020210afe355bd0f8fcdb2a68f31746f6f7df Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Mon, 12 Nov 2012 20:07:53 +0200 Subject: [PATCH] Allow OKC to be enabled by default Previously, OKC (opportunistic key caching, a.k.a. proactive key caching) could be enabled only with a per-network parameter (proactive_key_caching). The new global parameter (okc) can now be used to change the default behavior to be OKC enabled (okc=1) for network blocks that do not override this with the proactive_key_caching parameter. Signed-hostap: Jouni Malinen --- wpa_supplicant/config.c | 2 ++ wpa_supplicant/config.h | 9 +++++++++ wpa_supplicant/config_file.c | 4 +++- wpa_supplicant/config_ssid.h | 7 ++++++- wpa_supplicant/config_winreg.c | 7 ++++++- wpa_supplicant/sme.c | 4 +++- wpa_supplicant/wpa_supplicant.c | 4 +++- wpa_supplicant/wpa_supplicant.conf | 9 ++++++++- wpa_supplicant/wpas_glue.c | 3 ++- 9 files changed, 42 insertions(+), 7 deletions(-) diff --git a/wpa_supplicant/config.c b/wpa_supplicant/config.c index 736bf0dde..a927f1cf6 100644 --- a/wpa_supplicant/config.c +++ b/wpa_supplicant/config.c @@ -2041,6 +2041,7 @@ void wpa_config_set_network_defaults(struct wpa_ssid *ssid) ssid->ampdu_factor = DEFAULT_AMPDU_FACTOR; ssid->ampdu_density = DEFAULT_AMPDU_DENSITY; #endif /* CONFIG_HT_OVERRIDES */ + ssid->proactive_key_caching = -1; } @@ -3033,6 +3034,7 @@ static const struct global_parse_data global_fields[] = { { STR(ext_password_backend), CFG_CHANGED_EXT_PW_BACKEND }, { INT(p2p_go_max_inactivity), 0 }, { INT_RANGE(auto_interworking, 0, 1), 0 }, + { INT(okc), 0 }, }; #undef FUNC diff --git a/wpa_supplicant/config.h b/wpa_supplicant/config.h index fd2a62857..3dbb4a080 100644 --- a/wpa_supplicant/config.h +++ b/wpa_supplicant/config.h @@ -773,6 +773,15 @@ struct wpa_config { * also for the group operation. */ int p2p_no_group_iface; + + /** + * okc - Whether to enable opportunistic key caching by default + * + * By default, OKC is disabled unless enabled by the per-network + * proactive_key_caching=1 parameter. okc=1 can be used to change this + * default behavior. + */ + int okc; }; diff --git a/wpa_supplicant/config_file.c b/wpa_supplicant/config_file.c index c473891cd..c25b4af6a 100644 --- a/wpa_supplicant/config_file.c +++ b/wpa_supplicant/config_file.c @@ -676,7 +676,7 @@ static void wpa_config_write_network(FILE *f, struct wpa_ssid *ssid) INT_DEFe(fragment_size, DEFAULT_FRAGMENT_SIZE); #endif /* IEEE8021X_EAPOL */ INT(mode); - INT(proactive_key_caching); + write_int(f, "proactive_key_caching", ssid->proactive_key_caching, -1); INT(disabled); INT(peerkey); #ifdef CONFIG_IEEE80211W @@ -926,6 +926,8 @@ static void wpa_config_write_global(FILE *f, struct wpa_config *config) if (config->auto_interworking) fprintf(f, "auto_interworking=%d\n", config->auto_interworking); + if (config->okc) + fprintf(f, "okc=%d\n", config->okc); } #endif /* CONFIG_NO_CONFIG_WRITE */ diff --git a/wpa_supplicant/config_ssid.h b/wpa_supplicant/config_ssid.h index be83cc28e..2d4d91453 100644 --- a/wpa_supplicant/config_ssid.h +++ b/wpa_supplicant/config_ssid.h @@ -228,13 +228,18 @@ struct wpa_ssid { * * This field can be used to enable proactive key caching which is also * known as opportunistic PMKSA caching for WPA2. This is disabled (0) - * by default. Enable by setting this to 1. + * by default unless default value is changed with the global okc=1 + * parameter. Enable by setting this to 1. * * Proactive key caching is used to make supplicant assume that the APs * are using the same PMK and generate PMKSA cache entries without * doing RSN pre-authentication. This requires support from the AP side * and is normally used with wireless switches that co-locate the * authenticator. + * + * Internally, special value -1 is used to indicate that the parameter + * was not specified in the configuration (i.e., default behavior is + * followed). */ int proactive_key_caching; diff --git a/wpa_supplicant/config_winreg.c b/wpa_supplicant/config_winreg.c index 6d9876cc1..48a1a9469 100644 --- a/wpa_supplicant/config_winreg.c +++ b/wpa_supplicant/config_winreg.c @@ -271,6 +271,8 @@ static int wpa_config_read_global(struct wpa_config *config, HKEY hk) wpa_config_read_reg_dword(hk, TEXT("disassoc_low_ack"), (int *) &config->disassoc_low_ack); + wpa_config_read_reg_dword(hk, TEXT("okc"), &config->okc); + return errors ? -1 : 0; } @@ -609,6 +611,8 @@ static int wpa_config_write_global(struct wpa_config *config, HKEY hk) wpa_config_write_reg_dword(hk, TEXT("disassoc_low_ack"), config->disassoc_low_ack, 0); + wpa_config_write_reg_dword(hk, TEXT("okc"), config->okc, 0); + return 0; } @@ -904,7 +908,8 @@ static int wpa_config_write_network(HKEY hk, struct wpa_ssid *ssid, int id) INT_DEFe(fragment_size, DEFAULT_FRAGMENT_SIZE); #endif /* IEEE8021X_EAPOL */ INT(mode); - INT(proactive_key_caching); + write_int(netw, "proactive_key_caching", ssid->proactive_key_caching, + -1); INT(disabled); INT(peerkey); #ifdef CONFIG_IEEE80211W diff --git a/wpa_supplicant/sme.c b/wpa_supplicant/sme.c index 7d863fd36..f6e106c88 100644 --- a/wpa_supplicant/sme.c +++ b/wpa_supplicant/sme.c @@ -171,7 +171,9 @@ void sme_send_authentication(struct wpa_supplicant *wpa_s, wpa_bss_get_ie(bss, WLAN_EID_RSN)) && wpa_key_mgmt_wpa(ssid->key_mgmt)) { int try_opportunistic; - try_opportunistic = ssid->proactive_key_caching && + try_opportunistic = (ssid->proactive_key_caching < 0 ? + wpa_s->conf->okc : + ssid->proactive_key_caching) && (ssid->proto & WPA_PROTO_RSN); if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid, wpa_s->current_ssid, diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c index ee283b777..1a153f6fe 100644 --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c @@ -1355,7 +1355,9 @@ void wpa_supplicant_associate(struct wpa_supplicant *wpa_s, wpa_bss_get_ie(bss, WLAN_EID_RSN)) && wpa_key_mgmt_wpa(ssid->key_mgmt)) { int try_opportunistic; - try_opportunistic = ssid->proactive_key_caching && + try_opportunistic = (ssid->proactive_key_caching < 0 ? + wpa_s->conf->okc : + ssid->proactive_key_caching) && (ssid->proto & WPA_PROTO_RSN); if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid, wpa_s->current_ssid, diff --git a/wpa_supplicant/wpa_supplicant.conf b/wpa_supplicant/wpa_supplicant.conf index 0b0ea88d7..e1000feb5 100644 --- a/wpa_supplicant/wpa_supplicant.conf +++ b/wpa_supplicant/wpa_supplicant.conf @@ -265,6 +265,13 @@ fast_reauth=1 # inactive stations. #p2p_go_max_inactivity=300 +# Opportunistic Key Caching (also known as Proactive Key Caching) default +# This parameter can be used to set the default behavior for the +# proactive_key_caching parameter. By default, OKC is disabled unless enabled +# with the global okc=1 parameter or with the per-network +# proactive_key_caching=1 parameter. With okc=1, OKC is enabled by default, but +# can be disabled with per-network proactive_key_caching=0 parameter. +#okc=0 # Interworking (IEEE 802.11u) @@ -548,7 +555,7 @@ fast_reauth=1 # # proactive_key_caching: # Enable/disable opportunistic PMKSA caching for WPA2. -# 0 = disabled (default) +# 0 = disabled (default unless changed with the global okc parameter) # 1 = enabled # # wep_key0..3: Static WEP key (ASCII in double quotation, e.g. "abcde" or diff --git a/wpa_supplicant/wpas_glue.c b/wpa_supplicant/wpas_glue.c index aec639a31..1ba4c92bc 100644 --- a/wpa_supplicant/wpas_glue.c +++ b/wpa_supplicant/wpas_glue.c @@ -880,7 +880,8 @@ void wpa_supplicant_rsn_supp_set_config(struct wpa_supplicant *wpa_s, conf.peerkey_enabled = ssid->peerkey; conf.allowed_pairwise_cipher = ssid->pairwise_cipher; #ifdef IEEE8021X_EAPOL - conf.proactive_key_caching = ssid->proactive_key_caching; + conf.proactive_key_caching = ssid->proactive_key_caching < 0 ? + wpa_s->conf->okc : ssid->proactive_key_caching; conf.eap_workaround = ssid->eap_workaround; conf.eap_conf_ctx = &ssid->eap; #endif /* IEEE8021X_EAPOL */