From b08d5fa793e2bc4f1f21d0696ea910652a439814 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Mon, 8 Sep 2014 16:49:08 +0300 Subject: [PATCH] WPS: Set EAPOL workarounds dynamically based on association Previously, the shorter startWhen value was used based on build parameters (i.e., if WPS was enabled). This is not really ideal and the knowledge of WPS use can be provided to the EAPOL state machine to allow this (and similar WPS workarounds) to be done only when the association is for the purpose of WPS. Reduce the default startWhen value from 3 to 2 seconds for non-WPS case since WPS builds have likely received most testing for the past years with the 1 second value and there is no strong justification for forcing the longer 3 second wait should a frame be lost or something else require the EAPOL-Start to initiate operation after a connection. Signed-off-by: Jouni Malinen --- src/eapol_supp/eapol_supp_sm.c | 17 ++++++++++------- src/eapol_supp/eapol_supp_sm.h | 5 +++++ wpa_supplicant/wpa_supplicant.c | 1 + 3 files changed, 16 insertions(+), 7 deletions(-) diff --git a/src/eapol_supp/eapol_supp_sm.c b/src/eapol_supp/eapol_supp_sm.c index cf3506d99..70258be27 100644 --- a/src/eapol_supp/eapol_supp_sm.c +++ b/src/eapol_supp/eapol_supp_sm.c @@ -255,12 +255,14 @@ SM_STATE(SUPP_PAE, CONNECTING) * delay authentication. Use a short timeout to send the first * EAPOL-Start if Authenticator does not start authentication. */ -#ifdef CONFIG_WPS - /* Reduce latency on starting WPS negotiation. */ - sm->startWhen = 1; -#else /* CONFIG_WPS */ - sm->startWhen = 3; -#endif /* CONFIG_WPS */ + if (sm->conf.wps) { + /* Reduce latency on starting WPS negotiation. */ + wpa_printf(MSG_DEBUG, + "EAPOL: Using shorter startWhen for WPS"); + sm->startWhen = 1; + } else { + sm->startWhen = 2; + } } eapol_enable_timer_tick(sm); sm->eapolEap = FALSE; @@ -1242,7 +1244,7 @@ int eapol_sm_rx_eapol(struct eapol_sm *sm, const u8 *src, const u8 *buf, return 0; } #ifdef CONFIG_WPS - if (sm->conf.workaround && + if (sm->conf.wps && sm->conf.workaround && plen < len - sizeof(*hdr) && hdr->type == IEEE802_1X_TYPE_EAP_PACKET && len - sizeof(*hdr) > sizeof(struct eap_hdr)) { @@ -1491,6 +1493,7 @@ void eapol_sm_notify_config(struct eapol_sm *sm, sm->conf.required_keys = conf->required_keys; sm->conf.fast_reauth = conf->fast_reauth; sm->conf.workaround = conf->workaround; + sm->conf.wps = conf->wps; #ifdef CONFIG_EAP_PROXY if (sm->use_eap_proxy) { /* Using EAP Proxy, so skip EAP state machine update */ diff --git a/src/eapol_supp/eapol_supp_sm.h b/src/eapol_supp/eapol_supp_sm.h index d76c8c21d..5b37314ff 100644 --- a/src/eapol_supp/eapol_supp_sm.h +++ b/src/eapol_supp/eapol_supp_sm.h @@ -58,6 +58,11 @@ struct eapol_config { * external_sim - Use external processing for SIM/USIM operations */ int external_sim; + + /** + * wps - Whether this connection is used for WPS + */ + int wps; }; struct eapol_sm; diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c index 9414e8f32..9e3fe8462 100644 --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c @@ -297,6 +297,7 @@ void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s) wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA && wpa_s->key_mgmt != WPA_KEY_MGMT_WPS; eapol_conf.external_sim = wpa_s->conf->external_sim; + eapol_conf.wps = wpa_s->key_mgmt == WPA_KEY_MGMT_WPS; eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf); #endif /* IEEE8021X_EAPOL */