wpa-supplicant questions

Jouni Malinen jkmaline
Thu Sep 8 00:23:57 PDT 2005

On Wed, Sep 07, 2005 at 07:48:49PM +0300, Bar, Eitan wrote:

> 1.	Does OpenSSL have to be compiled and linked along wpa-supplicant
> even if only WPA(2)-PSK is used?

No, wpa_supplicant includes internal implementation for MD5/SHA1/AES
that will be used if not TLS library is linked in (e.g., if no EAP
method is selected in .config).

> 3.	In case my driver "needs" to be responsible for AP (BSSID)
> selection, setting ap_scan=2 in the config file should do the trick,
> right?

Yes as long as the driver_*.c code for the driver knows how to configure
the driver properly for this.

> 4.	After successful connection with WPA-PSK (for example), If my
> driver performs roaming to another WPA-PSK AP, is it enough for my
> driver to simply signal the wpa-supplicant of the roaming-event through
> EVENT_ASSOC event ? Will the wpa-supplicant then simply initiate EAPOL
> sequence accordingly (of course after Get-WPA-IE etc etc)?


> 5.	Can somebody please explain sequence of events with
> pre-authentication?
> 	a.	Who initiates pre-authenticaion? (driver request or
> wpa-supplicant performs this alone?)

wpa_supplicant initiates pre-authentication based on information from
the driver.

> 	b.	If wpa-supplicant initiates this, does it still do so if
> "ap-scan=2"? Since list of other APs with same SSID can only be
> retrieved through get-scan-results API

Yes, but with ap_scan=2 the driver has to be generating
EVENT_PMKID_CANDIDATE events since wpa_supplicant does not get knowledge
about pre-authentication candidates from scan results in this case.

> 	d.	Can the driver be notified of success/failure of
> pre-authenticaion process? (I mean besides set-pmkid per AP)

I'm not aware of any need for doing this. Success is indeed notified
by setting PMKID for the matching BSSID. What would the driver do with
separate notification?

> 	e.	In which cases flush_pmkid and remove_pmkid are called?

flush_pmkid is not currently called by wpa_supplicant core code, but it
could end up being used whenever wpa_supplicant is terminated.
remove_pmkid is used when there is no room for new PMKSA entries or if a
PMKSA entry expires.

Jouni Malinen                                            PGP id EFC895FA

More information about the Hostap mailing list