[PATCH 1/2] wpa_supplicant: Handle randomization changes for same ESS

Andrzej Ostruszka amo at semihalf.com
Thu Dec 1 07:43:43 PST 2022 

When MAC randomization settings change we should use new MAC address
even if we are associating to the same ESS.  For example consider this
scenario:
- hardware MAC is being used,
- we disconnect from the network,
- policy/style is changed via D-Bus to turn randomization on,
- we reconnect to the same network.

In the last step the randomized address should be used.

Changes to the randomization settings include both changes to the
policy/style to be used and changes to the pregenerated MAC address
value in case of mac_addr==3.

Signed-off-by: Andrzej Ostruszka <amo at semihalf.com>
---
 wpa_supplicant/wpa_supplicant.c | 27 ++++++++++++++++++---------
 1 file changed, 18 insertions(+), 9 deletions(-)

diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c
index 9c711d154..349933c39 100644
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -2238,14 +2238,23 @@ int wpas_update_random_addr(struct wpa_supplicant *wpa_s, int style,
 
 	os_get_reltime(&now);
 	if (wpa_s->last_mac_addr_style == style &&
-	    /* Pregenerated addresses do not expire */
-	    wpa_s->last_mac_addr_style != 3 &&
-	    wpa_s->last_mac_addr_change.sec != 0 &&
-	    !os_reltime_expired(&now, &wpa_s->last_mac_addr_change,
-				wpa_s->conf->rand_addr_lifetime)) {
-		wpa_msg(wpa_s, MSG_DEBUG,
-			"Previously selected random MAC address has not yet expired");
-		return 0;
+	    /* Random addresses are valid within given ESS so do not check
+	     * expiration/value when changing ESS. */
+	    wpa_s->reassoc_same_ess) {
+		if (style != 3) {
+			if (wpa_s->last_mac_addr_change.sec != 0 &&
+			    !os_reltime_expired(&now, &wpa_s->last_mac_addr_change,
+						wpa_s->conf->rand_addr_lifetime)) {
+				wpa_msg(wpa_s, MSG_DEBUG,
+					"Previously selected random MAC address has not yet expired");
+				return 0;
+			}
+		} else {
+			/* Pregenerated addresses do not expire but their value
+			 * might have changed, so let's check that. */
+			if (os_memcmp(wpa_s->own_addr, ssid->mac_value, ETH_ALEN) == 0)
+				return 0;
+		}
 	}
 
 	switch (style) {
@@ -2436,7 +2445,7 @@ void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
 	wpa_s_setup_sae_pt(wpa_s->conf, ssid);
 #endif /* CONFIG_SAE */
 
-	if (rand_style > 0 && !wpa_s->reassoc_same_ess) {
+	if (rand_style > 0) {
 		if (wpas_update_random_addr(wpa_s, rand_style, ssid) < 0)
 			return;
 		wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
-- 
2.38.1.584.g0f3c55d4c2-goog

More information about the Hostap mailing list