From: Johannes Berg <johannes@sipsolutions.net>
To: Jithu Jance <jithu.jance@broadcom.com>,
Arend Van Spriel <arend.vanspriel@broadcom.com>
Cc: linux-wireless@vger.kernel.org, Eliad Peller <eliad@wizery.com>,
Jouni Malinen <j@w1.fi>, Avraham Stern <avraham.stern@intel.com>
Subject: Re: [PATCH] cfg80211: support 4-way handshake offloading for WPA/WPA2-PSK
Date: Fri, 03 Mar 2017 13:20:07 +0100 [thread overview]
Message-ID: <1488543607.25750.1.camel@sipsolutions.net> (raw)
In-Reply-To: <CA+gyVQ24qDqpOBKPjVaZ_BFAJa9kLMjA=nD8FF8V7HvxUkWb=w@mail.gmail.com> (sfid-20170223_115633_378165_DF472B50)
On Thu, 2017-02-23 at 16:26 +0530, Jithu Jance wrote:
> On Thu, Feb 23, 2017 at 4:10 PM, Arend Van Spriel
> <arend.vanspriel@broadcom.com> wrote:
> >
> > Ehm. Looking at the code in wpa_supplicant_event_assoc() it would
> > be
> > better to use NL80211_CMD_EAPOL_PORT_VALID event to cover both
> > WPA/WPA2-PSK and 8021X.
>
> Yes. IMHO, the assoc/reassoc ind should move the state to
> WPA_ASSOCIATED and a separate event like
> NL80211_CMD_EAPOL_PORT_VALID/AUTHORIZED should move the connection
> state to WPA_COMPLETED.
That seems reasonable.
Avi just looked also at distinguishing if/when fresh 1X authentication
is required, particularly with roaming. For that, he's suggesting to
add a flag AUTHORIZED to the ROAMED event.
We could, possibly, have a PORT_AUTHORIZED event for that as well, but
it'd be more complicated, since then you'd have to wait for that and if
it doesn't come time out - or we'd need a "PORT_UNAUTHORIZED" or
"PLEASE_START_1X" instead? None of that really seems like such a great
idea.
Perhaps instead it'd make sense to instead include the new AUTHORIZED
flag in the CONNECT_RESULT as well, if authorized? I basically see 3
valid cases:
* connection successful with authorized port
* connection successful with need for 1X handshake (non-offloaded)
* connection failed
Why should we have the case of
* association successful but 4-way-HS failed
separately?
johannes
next prev parent reply other threads:[~2017-03-03 13:31 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-02-21 10:09 [PATCH] cfg80211: support 4-way handshake offloading for WPA/WPA2-PSK Johannes Berg
2017-02-21 10:32 ` Arend Van Spriel
2017-02-21 10:40 ` Johannes Berg
2017-02-21 11:34 ` Arend Van Spriel
2017-02-21 11:45 ` Arend Van Spriel
2017-02-21 11:46 ` Johannes Berg
2017-02-21 11:54 ` Arend Van Spriel
2017-02-28 11:06 ` Arend Van Spriel
2017-03-03 12:21 ` Johannes Berg
2017-03-03 12:47 ` Arend Van Spriel
2017-03-09 13:38 ` Arend Van Spriel
2017-03-14 13:52 ` Johannes Berg
2017-03-18 7:08 ` Arend Van Spriel
2017-02-21 12:37 ` Johannes Berg
2017-02-21 19:57 ` Arend Van Spriel
2017-02-22 12:24 ` Jithu Jance
2017-02-23 10:36 ` Arend Van Spriel
2017-02-23 10:37 ` Johannes Berg
2017-02-23 10:40 ` Arend Van Spriel
2017-02-23 10:56 ` Jithu Jance
2017-03-03 12:20 ` Johannes Berg [this message]
2017-03-03 12:44 ` Arend Van Spriel
2017-03-09 14:53 ` Jithu Jance
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1488543607.25750.1.camel@sipsolutions.net \
--to=johannes@sipsolutions.net \
--cc=arend.vanspriel@broadcom.com \
--cc=avraham.stern@intel.com \
--cc=eliad@wizery.com \
--cc=j@w1.fi \
--cc=jithu.jance@broadcom.com \
--cc=linux-wireless@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).