[PATCH v2 00/20] mesh support for wpa_supplicant
Bob Copeland
me
Mon Oct 20 06:07:34 PDT 2014
On Sun, Oct 19, 2014 at 01:26:35PM +0300, Jouni Malinen wrote:
> On Mon, Sep 01, 2014 at 12:23:19AM -0400, Bob Copeland wrote:
> > This is an updated posting of the mesh-for-wpa_supplicant patchset,
> > which allows creating an open or secure (SAE) 802.11s mesh.
>
> I merged in couple of the clear cases from the temporary mesh branch
> into the master branch.
Great, thanks!
> FIX: This breaks SAE-on-non-mesh-AP case. SAE_COMMITTED handler in
> sae_sm_step() sends out two Authentication frames which is not used in
> non-mesh case. The non-mesh exchange is: STA->AP tr#1, AP->STA tr#1,
> STA->AP tr#2, AP->STA tr#2. This patch changes the second step to be
> AP->STA tr#1 and tr#2 (that final tr#2 is still included in the end)
> I'm not sure how this could be fixed cleanly taken into account the
> somewhat difficult SAE state machine design from the view point of the
> strange exchange for non-mesh case. Maybe just skipping
> auth_sae_send_confirm() + setting state to SAE_CONFIRMED from
> SAE_NOTHING handler for non-mesh cases(?).
Yeah, if it just sent only commit and transitioned to SAE_COMMITED state
that should work. Is the STA<->AP exchange variant documented somewhere?
I only know about 802.11-2012 11.3.
Also it seems wrong that AP->STA would send the tr#2 (confirm) frame
more than once in the normal case. It should be transitioning out of
COMMITTED into ACCEPTED state without replying, i.e., I would expect it to
look like (as I wrote it):
sta --- COMMIT --> ap
sta <-- COMMIT --- ap
sta <-- CONFIRM --- ap
sta --- CONFIRM --> ap
...without another CONFIRM frame from the AP.
--
Bob Copeland %% www.bobcopeland.com
More information about the Hostap
mailing list