Allow OKC to be enabled by default
Previously, OKC (opportunistic key caching, a.k.a. proactive key caching) could be enabled only with a per-network parameter (proactive_key_caching). The new global parameter (okc) can now be used to change the default behavior to be OKC enabled (okc=1) for network blocks that do not override this with the proactive_key_caching parameter. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
Jouni Malinen
Jouni Malinen
parent
8713a2e6ff
commit
6e2020210a
9 changed files with 42 additions and 7 deletions
|
|
@ -2041,6 +2041,7 @@ void wpa_config_set_network_defaults(struct wpa_ssid *ssid)
|
||||||
ssid->ampdu_factor = DEFAULT_AMPDU_FACTOR;
|
ssid->ampdu_factor = DEFAULT_AMPDU_FACTOR;
|
||||||
ssid->ampdu_density = DEFAULT_AMPDU_DENSITY;
|
ssid->ampdu_density = DEFAULT_AMPDU_DENSITY;
|
||||||
#endif /* CONFIG_HT_OVERRIDES */
|
#endif /* CONFIG_HT_OVERRIDES */
|
||||||
|
ssid->proactive_key_caching = -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
@ -3033,6 +3034,7 @@ static const struct global_parse_data global_fields[] = {
|
||||||
{ STR(ext_password_backend), CFG_CHANGED_EXT_PW_BACKEND },
|
{ STR(ext_password_backend), CFG_CHANGED_EXT_PW_BACKEND },
|
||||||
{ INT(p2p_go_max_inactivity), 0 },
|
{ INT(p2p_go_max_inactivity), 0 },
|
||||||
{ INT_RANGE(auto_interworking, 0, 1), 0 },
|
{ INT_RANGE(auto_interworking, 0, 1), 0 },
|
||||||
|
{ INT(okc), 0 },
|
||||||
};
|
};
|
||||||
|
|
||||||
#undef FUNC
|
#undef FUNC
|
||||||
|
|
|
||||||
|
|
@ -773,6 +773,15 @@ struct wpa_config {
|
||||||
* also for the group operation.
|
* also for the group operation.
|
||||||
*/
|
*/
|
||||||
int p2p_no_group_iface;
|
int p2p_no_group_iface;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* okc - Whether to enable opportunistic key caching by default
|
||||||
|
*
|
||||||
|
* By default, OKC is disabled unless enabled by the per-network
|
||||||
|
* proactive_key_caching=1 parameter. okc=1 can be used to change this
|
||||||
|
* default behavior.
|
||||||
|
*/
|
||||||
|
int okc;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -676,7 +676,7 @@ static void wpa_config_write_network(FILE *f, struct wpa_ssid *ssid)
|
||||||
INT_DEFe(fragment_size, DEFAULT_FRAGMENT_SIZE);
|
INT_DEFe(fragment_size, DEFAULT_FRAGMENT_SIZE);
|
||||||
#endif /* IEEE8021X_EAPOL */
|
#endif /* IEEE8021X_EAPOL */
|
||||||
INT(mode);
|
INT(mode);
|
||||||
INT(proactive_key_caching);
|
write_int(f, "proactive_key_caching", ssid->proactive_key_caching, -1);
|
||||||
INT(disabled);
|
INT(disabled);
|
||||||
INT(peerkey);
|
INT(peerkey);
|
||||||
#ifdef CONFIG_IEEE80211W
|
#ifdef CONFIG_IEEE80211W
|
||||||
|
|
@ -926,6 +926,8 @@ static void wpa_config_write_global(FILE *f, struct wpa_config *config)
|
||||||
if (config->auto_interworking)
|
if (config->auto_interworking)
|
||||||
fprintf(f, "auto_interworking=%d\n",
|
fprintf(f, "auto_interworking=%d\n",
|
||||||
config->auto_interworking);
|
config->auto_interworking);
|
||||||
|
if (config->okc)
|
||||||
|
fprintf(f, "okc=%d\n", config->okc);
|
||||||
}
|
}
|
||||||
|
|
||||||
#endif /* CONFIG_NO_CONFIG_WRITE */
|
#endif /* CONFIG_NO_CONFIG_WRITE */
|
||||||
|
|
|
||||||
|
|
@ -228,13 +228,18 @@ struct wpa_ssid {
|
||||||
*
|
*
|
||||||
* This field can be used to enable proactive key caching which is also
|
* This field can be used to enable proactive key caching which is also
|
||||||
* known as opportunistic PMKSA caching for WPA2. This is disabled (0)
|
* known as opportunistic PMKSA caching for WPA2. This is disabled (0)
|
||||||
* by default. Enable by setting this to 1.
|
* by default unless default value is changed with the global okc=1
|
||||||
|
* parameter. Enable by setting this to 1.
|
||||||
*
|
*
|
||||||
* Proactive key caching is used to make supplicant assume that the APs
|
* Proactive key caching is used to make supplicant assume that the APs
|
||||||
* are using the same PMK and generate PMKSA cache entries without
|
* are using the same PMK and generate PMKSA cache entries without
|
||||||
* doing RSN pre-authentication. This requires support from the AP side
|
* doing RSN pre-authentication. This requires support from the AP side
|
||||||
* and is normally used with wireless switches that co-locate the
|
* and is normally used with wireless switches that co-locate the
|
||||||
* authenticator.
|
* authenticator.
|
||||||
|
*
|
||||||
|
* Internally, special value -1 is used to indicate that the parameter
|
||||||
|
* was not specified in the configuration (i.e., default behavior is
|
||||||
|
* followed).
|
||||||
*/
|
*/
|
||||||
int proactive_key_caching;
|
int proactive_key_caching;
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -271,6 +271,8 @@ static int wpa_config_read_global(struct wpa_config *config, HKEY hk)
|
||||||
wpa_config_read_reg_dword(hk, TEXT("disassoc_low_ack"),
|
wpa_config_read_reg_dword(hk, TEXT("disassoc_low_ack"),
|
||||||
(int *) &config->disassoc_low_ack);
|
(int *) &config->disassoc_low_ack);
|
||||||
|
|
||||||
|
wpa_config_read_reg_dword(hk, TEXT("okc"), &config->okc);
|
||||||
|
|
||||||
return errors ? -1 : 0;
|
return errors ? -1 : 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -609,6 +611,8 @@ static int wpa_config_write_global(struct wpa_config *config, HKEY hk)
|
||||||
wpa_config_write_reg_dword(hk, TEXT("disassoc_low_ack"),
|
wpa_config_write_reg_dword(hk, TEXT("disassoc_low_ack"),
|
||||||
config->disassoc_low_ack, 0);
|
config->disassoc_low_ack, 0);
|
||||||
|
|
||||||
|
wpa_config_write_reg_dword(hk, TEXT("okc"), config->okc, 0);
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -904,7 +908,8 @@ static int wpa_config_write_network(HKEY hk, struct wpa_ssid *ssid, int id)
|
||||||
INT_DEFe(fragment_size, DEFAULT_FRAGMENT_SIZE);
|
INT_DEFe(fragment_size, DEFAULT_FRAGMENT_SIZE);
|
||||||
#endif /* IEEE8021X_EAPOL */
|
#endif /* IEEE8021X_EAPOL */
|
||||||
INT(mode);
|
INT(mode);
|
||||||
INT(proactive_key_caching);
|
write_int(netw, "proactive_key_caching", ssid->proactive_key_caching,
|
||||||
|
-1);
|
||||||
INT(disabled);
|
INT(disabled);
|
||||||
INT(peerkey);
|
INT(peerkey);
|
||||||
#ifdef CONFIG_IEEE80211W
|
#ifdef CONFIG_IEEE80211W
|
||||||
|
|
|
||||||
|
|
@ -171,7 +171,9 @@ void sme_send_authentication(struct wpa_supplicant *wpa_s,
|
||||||
wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
|
wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
|
||||||
wpa_key_mgmt_wpa(ssid->key_mgmt)) {
|
wpa_key_mgmt_wpa(ssid->key_mgmt)) {
|
||||||
int try_opportunistic;
|
int try_opportunistic;
|
||||||
try_opportunistic = ssid->proactive_key_caching &&
|
try_opportunistic = (ssid->proactive_key_caching < 0 ?
|
||||||
|
wpa_s->conf->okc :
|
||||||
|
ssid->proactive_key_caching) &&
|
||||||
(ssid->proto & WPA_PROTO_RSN);
|
(ssid->proto & WPA_PROTO_RSN);
|
||||||
if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
|
if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
|
||||||
wpa_s->current_ssid,
|
wpa_s->current_ssid,
|
||||||
|
|
|
||||||
|
|
@ -1355,7 +1355,9 @@ void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
|
||||||
wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
|
wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
|
||||||
wpa_key_mgmt_wpa(ssid->key_mgmt)) {
|
wpa_key_mgmt_wpa(ssid->key_mgmt)) {
|
||||||
int try_opportunistic;
|
int try_opportunistic;
|
||||||
try_opportunistic = ssid->proactive_key_caching &&
|
try_opportunistic = (ssid->proactive_key_caching < 0 ?
|
||||||
|
wpa_s->conf->okc :
|
||||||
|
ssid->proactive_key_caching) &&
|
||||||
(ssid->proto & WPA_PROTO_RSN);
|
(ssid->proto & WPA_PROTO_RSN);
|
||||||
if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
|
if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
|
||||||
wpa_s->current_ssid,
|
wpa_s->current_ssid,
|
||||||
|
|
|
||||||
|
|
@ -265,6 +265,13 @@ fast_reauth=1
|
||||||
# inactive stations.
|
# inactive stations.
|
||||||
#p2p_go_max_inactivity=300
|
#p2p_go_max_inactivity=300
|
||||||
|
|
||||||
|
# Opportunistic Key Caching (also known as Proactive Key Caching) default
|
||||||
|
# This parameter can be used to set the default behavior for the
|
||||||
|
# proactive_key_caching parameter. By default, OKC is disabled unless enabled
|
||||||
|
# with the global okc=1 parameter or with the per-network
|
||||||
|
# proactive_key_caching=1 parameter. With okc=1, OKC is enabled by default, but
|
||||||
|
# can be disabled with per-network proactive_key_caching=0 parameter.
|
||||||
|
#okc=0
|
||||||
|
|
||||||
# Interworking (IEEE 802.11u)
|
# Interworking (IEEE 802.11u)
|
||||||
|
|
||||||
|
|
@ -548,7 +555,7 @@ fast_reauth=1
|
||||||
#
|
#
|
||||||
# proactive_key_caching:
|
# proactive_key_caching:
|
||||||
# Enable/disable opportunistic PMKSA caching for WPA2.
|
# Enable/disable opportunistic PMKSA caching for WPA2.
|
||||||
# 0 = disabled (default)
|
# 0 = disabled (default unless changed with the global okc parameter)
|
||||||
# 1 = enabled
|
# 1 = enabled
|
||||||
#
|
#
|
||||||
# wep_key0..3: Static WEP key (ASCII in double quotation, e.g. "abcde" or
|
# wep_key0..3: Static WEP key (ASCII in double quotation, e.g. "abcde" or
|
||||||
|
|
|
||||||
|
|
@ -880,7 +880,8 @@ void wpa_supplicant_rsn_supp_set_config(struct wpa_supplicant *wpa_s,
|
||||||
conf.peerkey_enabled = ssid->peerkey;
|
conf.peerkey_enabled = ssid->peerkey;
|
||||||
conf.allowed_pairwise_cipher = ssid->pairwise_cipher;
|
conf.allowed_pairwise_cipher = ssid->pairwise_cipher;
|
||||||
#ifdef IEEE8021X_EAPOL
|
#ifdef IEEE8021X_EAPOL
|
||||||
conf.proactive_key_caching = ssid->proactive_key_caching;
|
conf.proactive_key_caching = ssid->proactive_key_caching < 0 ?
|
||||||
|
wpa_s->conf->okc : ssid->proactive_key_caching;
|
||||||
conf.eap_workaround = ssid->eap_workaround;
|
conf.eap_workaround = ssid->eap_workaround;
|
||||||
conf.eap_conf_ctx = &ssid->eap;
|
conf.eap_conf_ctx = &ssid->eap;
|
||||||
#endif /* IEEE8021X_EAPOL */
|
#endif /* IEEE8021X_EAPOL */
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue