Accumulative patch from commit f5f37d3a4fc2df2a24676b4f95afca15ed793cba Author: Jouni Malinen <j@w1.fi> Date: Sun Nov 25 22:05:32 2012 +0200 Fix REAUTHENTICATE command after PMKSA caching The current PMKSA cache entry needs to be clear to allow EAPOL reauthentication to be started in case this association used PMKSA caching. - Remove old WPS_OOB NCF - WPS: Add preliminary NFC connection handover support for Enrollee - WPS: Reenable the networks disabled during wpa_wpas_reassoc - P2P: Avoid multi-channel scans when they are not needed - P2P: Allow discoverable interval for p2p_find to be configured - P2P: Allow all channels with multi-channel concurrency - Bonjour changes - Remove disassociate - HS 2.0 changes - Add preliminary support for using SQLite for eap_user database - Add SAE support - Add disallow_aps parameter to disallow BSSIDs/SSIDs Change-Id: I85358a05b39d46b8db49acdad667e771c580b05c Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>

commit: d5e4923d04122f81300fa68fb07d64ede28fd44d [log] [tgz]
author: Dmitry Shmidt <dimitrysh@google.com> Mon Dec 03 15:08:10 2012 -0800
committer: Dmitry Shmidt <dimitrysh@google.com> Thu Dec 20 10:35:12 2012 -0800
tree: 29f99bf419804daf82e32e67911628df0c2e5f39
parent: 90f44d5ff88189e0972bcd376b662d898e4c3c2e [diff] [blame]
diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c
index 4b1d992..23b91d2 100644
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c

@@ -84,6 +84,12 @@
 		return -1;
 	}
 
+	if (disallowed_bssid(wpa_s, wpa_s->bssid) ||
+	    disallowed_ssid(wpa_s, ssid->ssid, ssid->ssid_len)) {
+		wpa_dbg(wpa_s, MSG_DEBUG, "Selected BSS is disallowed");
+		return -1;
+	}
+
 	res = wpas_temp_disabled(wpa_s, ssid);
 	if (res > 0) {
 		wpa_dbg(wpa_s, MSG_DEBUG, "Selected network is temporarily "
@@ -423,7 +429,9 @@
 
 #ifdef CONFIG_IEEE80211W
 		if (!(ie.capabilities & WPA_CAPABILITY_MFPC) &&
-		    ssid->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED) {
+		    (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
+		     wpa_s->conf->pmf : ssid->ieee80211w) ==
+		    MGMT_FRAME_PROTECTION_REQUIRED) {
 			wpa_dbg(wpa_s, MSG_DEBUG, "   skip RSN IE - no mgmt "
 				"frame protection");
 			break;
@@ -675,6 +683,16 @@
 		return NULL;
 	}
 
+	if (disallowed_bssid(wpa_s, bss->bssid)) {
+		wpa_dbg(wpa_s, MSG_DEBUG, "   skip - BSSID disallowed");
+		return NULL;
+	}
+
+	if (disallowed_ssid(wpa_s, bss->ssid, bss->ssid_len)) {
+		wpa_dbg(wpa_s, MSG_DEBUG, "   skip - SSID disallowed");
+		return NULL;
+	}
+
 	wpa = wpa_ie_len > 0 || rsn_ie_len > 0;
 
 	for (ssid = group; ssid; ssid = ssid->pnext) {
@@ -862,6 +880,8 @@
 #endif /* CONFIG_P2P */
 		return;
 	}
+
+	wpa_s->scan_for_connection = 1;
 	wpa_supplicant_req_scan(wpa_s, timeout_sec, timeout_usec);
 }
 
@@ -1012,6 +1032,12 @@
 		return 1;
 	}
 
+	if (current_bss->level < 0 && current_bss->level > selected->level) {
+		wpa_dbg(wpa_s, MSG_DEBUG, "Skip roam - Current BSS has better "
+			"signal level");
+		return 0;
+	}
+
 	min_diff = 2;
 	if (current_bss->level < 0) {
 		if (current_bss->level < -85)
@@ -1632,7 +1658,7 @@
 
 	if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
 		wpa_dbg(wpa_s, MSG_ERROR, "Failed to get BSSID");
-		wpa_supplicant_disassociate(
+		wpa_supplicant_deauthenticate(
 			wpa_s, WLAN_REASON_DEAUTH_LEAVING);
 		return;
 	}
@@ -1650,7 +1676,7 @@
 			wpa_clear_keys(wpa_s, bssid);
 		}
 		if (wpa_supplicant_select_config(wpa_s) < 0) {
-			wpa_supplicant_disassociate(
+			wpa_supplicant_deauthenticate(
 				wpa_s, WLAN_REASON_DEAUTH_LEAVING);
 			return;
 		}
@@ -1838,6 +1864,28 @@
 }
 
 
+static int could_be_psk_mismatch(struct wpa_supplicant *wpa_s, u16 reason_code,
+				 int locally_generated)
+{
+	if (wpa_s->wpa_state != WPA_4WAY_HANDSHAKE ||
+	    !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt))
+		return 0; /* Not in 4-way handshake with PSK */
+
+	/*
+	 * It looks like connection was lost while trying to go through PSK
+	 * 4-way handshake. Filter out known disconnection cases that are caused
+	 * by something else than PSK mismatch to avoid confusing reports.
+	 */
+
+	if (locally_generated) {
+		if (reason_code == WLAN_REASON_IE_IN_4WAY_DIFFERS)
+			return 0;
+	}
+
+	return 1;
+}
+
+
 static void wpa_supplicant_event_disassoc_finish(struct wpa_supplicant *wpa_s,
 						 u16 reason_code,
 						 int locally_generated)
@@ -1863,8 +1911,7 @@
 		return;
 	}
 
-	if (wpa_s->wpa_state == WPA_4WAY_HANDSHAKE &&
-	    wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
+	if (could_be_psk_mismatch(wpa_s, reason_code, locally_generated)) {
 		wpa_msg(wpa_s, MSG_INFO, "WPA: 4-Way Handshake failed - "
 			"pre-shared key may be incorrect");
 		wpas_auth_failed(wpa_s);
@@ -2530,9 +2577,8 @@
 				data->assoc_reject.status_code);
 		if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME)
 			sme_event_assoc_reject(wpa_s, data);
-#ifdef ANDROID_P2P
-#ifdef CONFIG_P2P
 		else {
+#ifdef ANDROID_P2P
 			if(!wpa_s->current_ssid) {
 				wpa_printf(MSG_ERROR, "current_ssid == NULL");
 				break;
@@ -2571,9 +2617,14 @@
 				wpa_supplicant_disable_network(wpa_s, wpa_s->current_ssid);
 				wpas_p2p_group_remove(wpa_s, wpa_s->ifname);
 			}
-		}
-#endif
+#else
+			const u8 *bssid = data->assoc_reject.bssid;
+			if (bssid == NULL || is_zero_ether_addr(bssid))
+				bssid = wpa_s->pending_bssid;
+			wpas_connection_failed(wpa_s, bssid);
+			wpa_supplicant_mark_disassoc(wpa_s);
 #endif /* ANDROID_P2P */
+		}
 		break;
 	case EVENT_AUTH_TIMED_OUT:
 		if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME)
commit	d5e4923d04122f81300fa68fb07d64ede28fd44d	[log] [tgz]
author	Dmitry Shmidt <dimitrysh@google.com>	Mon Dec 03 15:08:10 2012 -0800
committer	Dmitry Shmidt <dimitrysh@google.com>	Thu Dec 20 10:35:12 2012 -0800
tree	29f99bf419804daf82e32e67911628df0c2e5f39
parent	90f44d5ff88189e0972bcd376b662d898e4c3c2e [diff] [blame]