Pixel6 was not able to connect due to phone indicates support for SAE H2E, but did not use it

Jouni Malinen j at w1.fi
Fri May 27 02:13:39 PDT 2022 

On Sun, May 22, 2022 at 09:55:58PM -0700, Sean Li wrote:

> Please refer to the sniffer capture at
> https://drive.google.com/file/d/13EcsEJKjKrkID20SPaq0YYA3_iatGD6Y/view?usp=sharing
> Pixel6 mac: 0c:c4:13:14:16:93
> The issue usually happens after multiple roaming connections between
> our mesh system.

Thanks. This is interesting.. The station tries to reassociate without
H2E and once that fails, associates again with H2E with the same AP.

> If the 802.11 spec mandates H2E when both peers advertised the
> support, the issue here sounds more on the Pixel6 then.

That's what it look like, but the that sniffer capture has some details
that made me look at what else could be wrong. It looks like the station
might be doing this particular roaming case based on FILS Discovery
frame and that frame does not have information about SAE H2E, so the
station might not have figured out that the target AP supports H2E. That
said, this is on the 6 GHz band, so the AP should be assumed to use H2E
anyway. Furthermore, if the station does not have the sufficient
information from the FILS Discovery frame, it needs to wait to receive
the full information from Beacon frame or Probe Response frame before
trying to association..

I'm not familiar with the particular station implementation here for the
relevant parts, so I'll talk with the vendor in question to check what
could be behind this.

In addition, I went through the FILS Discovery frame details and
compared it to the way this frame is defined in the standard. I don't
think I agree with the Length field use here, so that's something that
I'll take a closer look as well. hostapd has similar design in setting
the Length field value to point beyond the TPE element, so there might
be multiple implementations doing this differently compared to my
interpretation. I guess this requires some more discussions to confirm
my interpretation. Anyway, the frame can still be parsed successfully,
so I don't think this would have anything to do with that SAE H2E issue.

-- 
Jouni Malinen                                            PGP id EFC895FA

More information about the Hostap mailing list