From 9af850cef2007cabe1bbffad3ef1d2b13396832d Mon Sep 17 00:00:00 2001 From: Darren Li Date: Tue, 22 Feb 2022 00:34:47 -0600 Subject: [PATCH 18/49] wpa_supplicant: suppress deauth for PMKSA caching disabled wpa_supplicant: Need a command/parameter suppress deauth for PMKSA caching disabled Signed-off-by: Darren Li --- src/rsn_supp/wpa.c | 5 ++++- src/rsn_supp/wpa.h | 1 + src/rsn_supp/wpa_i.h | 1 + wpa_supplicant/config.c | 1 + wpa_supplicant/config_file.c | 1 + wpa_supplicant/config_ssid.h | 7 +++++++ wpa_supplicant/wpas_glue.c | 2 ++ 7 files changed, 17 insertions(+), 1 deletion(-) diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c index 92ab7d561..1f6401ef3 100644 --- a/src/rsn_supp/wpa.c +++ b/src/rsn_supp/wpa.c @@ -2904,7 +2904,9 @@ static void wpa_sm_pmksa_free_cb(struct rsn_pmksa_cache_entry *entry, if (deauth) { sm->pmk_len = 0; os_memset(sm->pmk, 0, sizeof(sm->pmk)); - wpa_sm_deauthenticate(sm, WLAN_REASON_UNSPECIFIED); + if (!sm->suppress_deauth_no_pmksa) { + wpa_sm_deauthenticate(sm, WLAN_REASON_UNSPECIFIED); + } } } @@ -3240,6 +3242,7 @@ void wpa_sm_set_config(struct wpa_sm *sm, struct rsn_supp_config *config) } #endif /* CONFIG_FILS */ sm->beacon_prot = config->beacon_prot; + sm->suppress_deauth_no_pmksa = config->suppress_deauth_no_pmksa; } else { sm->network_ctx = NULL; sm->allowed_pairwise_cipher = 0; diff --git a/src/rsn_supp/wpa.h b/src/rsn_supp/wpa.h index 41daaae2c..2cd1826e4 100644 --- a/src/rsn_supp/wpa.h +++ b/src/rsn_supp/wpa.h @@ -136,6 +136,7 @@ struct rsn_supp_config { const u8 *fils_cache_id; int beacon_prot; bool force_kdk_derivation; + int suppress_deauth_no_pmksa; }; #ifndef CONFIG_NO_WPA diff --git a/src/rsn_supp/wpa_i.h b/src/rsn_supp/wpa_i.h index 6cdce321d..3989c9ab3 100644 --- a/src/rsn_supp/wpa_i.h +++ b/src/rsn_supp/wpa_i.h @@ -216,6 +216,7 @@ struct wpa_sm { struct wpabuf *dpp_z; int dpp_pfs; #endif /* CONFIG_DPP2 */ + int suppress_deauth_no_pmksa; }; diff --git a/wpa_supplicant/config.c b/wpa_supplicant/config.c index bf062b079..737e46be5 100644 --- a/wpa_supplicant/config.c +++ b/wpa_supplicant/config.c @@ -2639,6 +2639,7 @@ static const struct parse_data ssid_fields[] = { { INT_RANGE(beacon_prot, 0, 1) }, { INT_RANGE(transition_disable, 0, 255) }, { INT_RANGE(sae_pk, 0, 2) }, + { INT_RANGE(suppress_deauth_no_pmksa, 0, 1) }, }; #undef OFFSET diff --git a/wpa_supplicant/config_file.c b/wpa_supplicant/config_file.c index 6db5010db..fe383564d 100644 --- a/wpa_supplicant/config_file.c +++ b/wpa_supplicant/config_file.c @@ -844,6 +844,7 @@ static void wpa_config_write_network(FILE *f, struct wpa_ssid *ssid) INT(beacon_prot); INT(transition_disable); INT(sae_pk); + INT(suppress_deauth_no_pmksa); #ifdef CONFIG_HT_OVERRIDES INT_DEF(disable_ht, DEFAULT_DISABLE_HT); INT_DEF(disable_ht40, DEFAULT_DISABLE_HT40); diff --git a/wpa_supplicant/config_ssid.h b/wpa_supplicant/config_ssid.h index 724534dd0..ad0bd2b80 100644 --- a/wpa_supplicant/config_ssid.h +++ b/wpa_supplicant/config_ssid.h @@ -1177,6 +1177,13 @@ struct wpa_ssid { * 2 = both hunting-and-pecking loop and hash-to-element enabled */ int sae_pwe; + + /** + * suppress_deauth_no_pmksa - Whether deauth when PMKSA is empty + * 0 = To deauthenticate if there is no PMKSA entry (default) + * 1 = To suppress deauthenticate if there is no PMKSA entry + */ + int suppress_deauth_no_pmksa; }; #endif /* CONFIG_SSID_H */ diff --git a/wpa_supplicant/wpas_glue.c b/wpa_supplicant/wpas_glue.c index 816a884a8..88cbc8fbe 100644 --- a/wpa_supplicant/wpas_glue.c +++ b/wpa_supplicant/wpas_glue.c @@ -1504,6 +1504,8 @@ void wpa_supplicant_rsn_supp_set_config(struct wpa_supplicant *wpa_s, conf.force_kdk_derivation = wpa_s->conf->force_kdk_derivation; #endif /* CONFIG_TESTING_OPTIONS */ #endif /* CONFIG_PASN */ + conf.beacon_prot = ssid->beacon_prot; + conf.suppress_deauth_no_pmksa = ssid->suppress_deauth_no_pmksa; } wpa_sm_set_config(wpa_s->wpa, ssid ? &conf : NULL); } -- 2.17.1