* [RFC connman v2 0/1] Add wpa_supplicant WPA3-SAE support @ 2021-05-27 21:41 Ariel D'Alessandro 2021-05-27 21:41 ` [RFC connman v2 1/1] WIP: " Ariel D'Alessandro 0 siblings, 1 reply; 11+ messages in thread From: Ariel D'Alessandro @ 2021-05-27 21:41 UTC (permalink / raw) To: iwd [-- Attachment #1: Type: text/plain, Size: 928 bytes --] Hi all, Here's another attemp on adding WPA3-SAE support to connman (wpa_supplicant backend). I'd like comments on the following mainly: Based on plugin/iwd.c, a private data struct is added to each network in plugin/wifi.c so it can keep track of keymgmt capabilities, needed to use WPA3-SAE if it's available. See RFC v1 thread for more details. Note that this is an RFC patchset. Feel free to give any kind of feedback, always appreciated :-) Changes from v1: * Dropped changes to service API. * Unified WPA3-SAE under WPA-PSK. * Added private data struct to network in plugin/wifi.c Regards, Ariel D'Alessandro (1): WIP: Add wpa_supplicant WPA3-SAE support gsupplicant/gsupplicant.h | 10 ++++++++++ gsupplicant/supplicant.c | 33 ++++++++++++++++++++++++++++++--- plugins/wifi.c | 21 +++++++++++++++++++++ 3 files changed, 61 insertions(+), 3 deletions(-) -- 2.30.2 ^ permalink raw reply [flat|nested] 11+ messages in thread
* [RFC connman v2 1/1] WIP: Add wpa_supplicant WPA3-SAE support 2021-05-27 21:41 [RFC connman v2 0/1] Add wpa_supplicant WPA3-SAE support Ariel D'Alessandro @ 2021-05-27 21:41 ` Ariel D'Alessandro 2021-06-02 17:05 ` Ariel D'Alessandro ` (2 more replies) 0 siblings, 3 replies; 11+ messages in thread From: Ariel D'Alessandro @ 2021-05-27 21:41 UTC (permalink / raw) To: iwd [-- Attachment #1: Type: text/plain, Size: 8004 bytes --] Implement WPA3-SAE authentication on connman side using wpa_supplicant backend. Initially based on Tizen project: https://review.tizen.org/git/?p=platform/upstream/connman.git Signed-off-by: Ariel D'Alessandro <ariel.dalessandro@collabora.com> --- gsupplicant/gsupplicant.h | 10 ++++++++++ gsupplicant/supplicant.c | 33 ++++++++++++++++++++++++++++++--- plugins/wifi.c | 21 +++++++++++++++++++++ 3 files changed, 61 insertions(+), 3 deletions(-) diff --git a/gsupplicant/gsupplicant.h b/gsupplicant/gsupplicant.h index 7935c3a6..eab6293f 100644 --- a/gsupplicant/gsupplicant.h +++ b/gsupplicant/gsupplicant.h @@ -61,6 +61,7 @@ extern "C" { #define G_SUPPLICANT_KEYMGMT_WPA_EAP (1 << 7) #define G_SUPPLICANT_KEYMGMT_WPA_EAP_256 (1 << 8) #define G_SUPPLICANT_KEYMGMT_WPS (1 << 9) +#define G_SUPPLICANT_KEYMGMT_SAE (1 << 10) #define G_SUPPLICANT_PROTO_WPA (1 << 0) #define G_SUPPLICANT_PROTO_RSN (1 << 1) @@ -129,6 +130,12 @@ typedef enum { G_SUPPLICANT_PEER_GROUP_FAILED, } GSupplicantPeerState; +typedef enum { + G_SUPPLICANT_MFP_NONE, + G_SUPPLICANT_MFP_OPTIONAL, + G_SUPPLICANT_MFP_REQUIRED, +} GSupplicantMfpOptions; + struct _GSupplicantSSID { const void *ssid; unsigned int ssid_len; @@ -155,6 +162,8 @@ struct _GSupplicantSSID { dbus_bool_t use_wps; const char *pin_wps; const char *bgscan; + unsigned int keymgmt; + GSupplicantMfpOptions ieee80211w; }; typedef struct _GSupplicantSSID GSupplicantSSID; @@ -339,6 +348,7 @@ bool g_supplicant_peer_is_in_a_group(GSupplicantPeer *peer); GSupplicantInterface *g_supplicant_peer_get_group_interface(GSupplicantPeer *peer); bool g_supplicant_peer_is_client(GSupplicantPeer *peer); bool g_supplicant_peer_has_requested_connection(GSupplicantPeer *peer); +unsigned int g_supplicant_network_get_keymgmt(GSupplicantNetwork *network); struct _GSupplicantCallbacks { void (*system_ready) (void); diff --git a/gsupplicant/supplicant.c b/gsupplicant/supplicant.c index f56b595f..be05575c 100644 --- a/gsupplicant/supplicant.c +++ b/gsupplicant/supplicant.c @@ -92,6 +92,7 @@ static struct strvalmap keymgmt_map[] = { { "wpa-eap", G_SUPPLICANT_KEYMGMT_WPA_EAP }, { "wpa-eap-sha256", G_SUPPLICANT_KEYMGMT_WPA_EAP_256 }, { "wps", G_SUPPLICANT_KEYMGMT_WPS }, + { "sae", G_SUPPLICANT_KEYMGMT_SAE }, { } }; @@ -234,6 +235,7 @@ struct _GSupplicantNetwork { unsigned int wps_capabilities; GHashTable *bss_table; GHashTable *config_table; + unsigned int keymgmt; }; struct _GSupplicantPeer { @@ -1427,6 +1429,14 @@ bool g_supplicant_peer_has_requested_connection(GSupplicantPeer *peer) return peer->connection_requested; } +unsigned int g_supplicant_network_get_keymgmt(GSupplicantNetwork *network) +{ + if (network == NULL) + return 0; + + return network->keymgmt; +} + static void merge_network(GSupplicantNetwork *network) { GString *str; @@ -1457,7 +1467,8 @@ static void merge_network(GSupplicantNetwork *network) else if (g_strcmp0(mode, "1") == 0) g_string_append_printf(str, "_adhoc"); - if (g_strcmp0(key_mgmt, "WPA-PSK") == 0) + if ((g_strcmp0(key_mgmt, "WPA-PSK") == 0) || + (g_strcmp0(key_mgmt, "SAE") == 0)) g_string_append_printf(str, "_psk"); group = g_string_free(str, FALSE); @@ -1650,6 +1661,7 @@ static int add_or_replace_bss_to_network(struct g_supplicant_bss *bss) network->name = create_name(bss->ssid, bss->ssid_len); network->mode = bss->mode; network->security = bss->security; + network->keymgmt = bss->keymgmt; network->ssid_len = bss->ssid_len; memcpy(network->ssid, bss->ssid, bss->ssid_len); network->signal = bss->signal; @@ -1931,7 +1943,8 @@ static void bss_compute_security(struct g_supplicant_bss *bss) if (bss->keymgmt & (G_SUPPLICANT_KEYMGMT_WPA_PSK | G_SUPPLICANT_KEYMGMT_WPA_FT_PSK | - G_SUPPLICANT_KEYMGMT_WPA_PSK_256)) + G_SUPPLICANT_KEYMGMT_WPA_PSK_256 | + G_SUPPLICANT_KEYMGMT_SAE)) bss->psk = TRUE; if (bss->ieee8021x) @@ -4890,6 +4903,15 @@ static void add_network_security_proto(DBusMessageIter *dict, g_free(proto); } +static void add_network_ieee80211w(DBusMessageIter *dict, GSupplicantSSID *ssid) +{ + if (!(ssid->keymgmt & G_SUPPLICANT_KEYMGMT_SAE)) + return; + + supplicant_dbus_dict_append_basic(dict, "ieee80211w", DBUS_TYPE_UINT32, + &ssid->ieee80211w); +} + static void add_network_security(DBusMessageIter *dict, GSupplicantSSID *ssid) { char *key_mgmt; @@ -4907,7 +4929,10 @@ static void add_network_security(DBusMessageIter *dict, GSupplicantSSID *ssid) add_network_security_ciphers(dict, ssid); break; case G_SUPPLICANT_SECURITY_PSK: - key_mgmt = "WPA-PSK"; + if (ssid->keymgmt & G_SUPPLICANT_KEYMGMT_SAE) + key_mgmt = "SAE"; + else + key_mgmt = "WPA-PSK"; add_network_security_psk(dict, ssid); add_network_security_ciphers(dict, ssid); add_network_security_proto(dict, ssid); @@ -4969,6 +4994,8 @@ static void interface_add_network_params(DBusMessageIter *iter, void *user_data) add_network_security(&dict, ssid); + add_network_ieee80211w(&dict, ssid); + supplicant_dbus_dict_append_fixed_array(&dict, "ssid", DBUS_TYPE_BYTE, &ssid->ssid, ssid->ssid_len); diff --git a/plugins/wifi.c b/plugins/wifi.c index 6233fe11..f990d40c 100644 --- a/plugins/wifi.c +++ b/plugins/wifi.c @@ -167,6 +167,10 @@ struct wifi_data { int assoc_code; }; +struct wifi_network { + unsigned int keymgmt; +}; + struct disconnect_data { struct wifi_data *wifi; struct connman_network *network; @@ -809,6 +813,7 @@ static void remove_networks(struct connman_device *device, for (list = wifi->networks; list; list = list->next) { struct connman_network *network = list->data; + g_free(connman_network_get_data(network)); connman_device_remove_network(device, network); connman_network_unref(network); } @@ -2148,6 +2153,7 @@ static GSupplicantSecurity network_security(const char *security) static void ssid_init(GSupplicantSSID *ssid, struct connman_network *network) { + struct wifi_network *network_data = connman_network_get_data(network); const char *security; memset(ssid, 0, sizeof(*ssid)); @@ -2157,6 +2163,8 @@ static void ssid_init(GSupplicantSSID *ssid, struct connman_network *network) ssid->scan_ssid = 1; security = connman_network_get_string(network, "WiFi.Security"); ssid->security = network_security(security); + ssid->keymgmt = network_data->keymgmt; + ssid->ieee80211w = G_SUPPLICANT_MFP_OPTIONAL; ssid->passphrase = connman_network_get_string(network, "WiFi.Passphrase"); @@ -2801,6 +2809,7 @@ static void network_added(GSupplicantNetwork *supplicant_network) struct connman_network *network; GSupplicantInterface *interface; struct wifi_data *wifi; + struct wifi_network *network_data; const char *name, *identifier, *security, *group, *mode; const unsigned char *ssid; unsigned int ssid_len; @@ -2849,8 +2858,19 @@ static void network_added(GSupplicantNetwork *supplicant_network) } wifi->networks = g_slist_prepend(wifi->networks, network); + + network_data = g_try_new0(struct wifi_network, 1); + if (!network_data) { + connman_error("Out of memory creating wifi network"); + return; + } + connman_network_set_data(network, network_data); } + network_data = connman_network_get_data(network); + network_data->keymgmt = + g_supplicant_network_get_keymgmt(supplicant_network); + if (name && name[0] != '\0') connman_network_set_name(network, name); @@ -2918,6 +2938,7 @@ static void network_removed(GSupplicantNetwork *network) wifi->networks = g_slist_remove(wifi->networks, connman_network); + g_free(connman_network_get_data(connman_network)); connman_device_remove_network(wifi->device, connman_network); connman_network_unref(connman_network); } -- 2.30.2 ^ permalink raw reply related [flat|nested] 11+ messages in thread
* Re: [RFC connman v2 1/1] WIP: Add wpa_supplicant WPA3-SAE support 2021-05-27 21:41 ` [RFC connman v2 1/1] WIP: " Ariel D'Alessandro @ 2021-06-02 17:05 ` Ariel D'Alessandro 2021-06-14 7:00 ` Daniel Wagner 2021-07-30 18:28 ` Ariel D'Alessandro 2 siblings, 0 replies; 11+ messages in thread From: Ariel D'Alessandro @ 2021-06-02 17:05 UTC (permalink / raw) To: iwd [-- Attachment #1: Type: text/plain, Size: 8703 bytes --] Hi Daniel, Just a gentle a ping in case you have time to take a look at this patchset v2 :-) let me know if this address the requirements we discussed on patchset v1. Thanks a lot! Ariel On 5/27/21 6:41 PM, Ariel D'Alessandro wrote: > Implement WPA3-SAE authentication on connman side using wpa_supplicant > backend. > > Initially based on Tizen project: > > https://review.tizen.org/git/?p=platform/upstream/connman.git > > Signed-off-by: Ariel D'Alessandro <ariel.dalessandro@collabora.com> > --- > gsupplicant/gsupplicant.h | 10 ++++++++++ > gsupplicant/supplicant.c | 33 ++++++++++++++++++++++++++++++--- > plugins/wifi.c | 21 +++++++++++++++++++++ > 3 files changed, 61 insertions(+), 3 deletions(-) > > diff --git a/gsupplicant/gsupplicant.h b/gsupplicant/gsupplicant.h > index 7935c3a6..eab6293f 100644 > --- a/gsupplicant/gsupplicant.h > +++ b/gsupplicant/gsupplicant.h > @@ -61,6 +61,7 @@ extern "C" { > #define G_SUPPLICANT_KEYMGMT_WPA_EAP (1 << 7) > #define G_SUPPLICANT_KEYMGMT_WPA_EAP_256 (1 << 8) > #define G_SUPPLICANT_KEYMGMT_WPS (1 << 9) > +#define G_SUPPLICANT_KEYMGMT_SAE (1 << 10) > > #define G_SUPPLICANT_PROTO_WPA (1 << 0) > #define G_SUPPLICANT_PROTO_RSN (1 << 1) > @@ -129,6 +130,12 @@ typedef enum { > G_SUPPLICANT_PEER_GROUP_FAILED, > } GSupplicantPeerState; > > +typedef enum { > + G_SUPPLICANT_MFP_NONE, > + G_SUPPLICANT_MFP_OPTIONAL, > + G_SUPPLICANT_MFP_REQUIRED, > +} GSupplicantMfpOptions; > + > struct _GSupplicantSSID { > const void *ssid; > unsigned int ssid_len; > @@ -155,6 +162,8 @@ struct _GSupplicantSSID { > dbus_bool_t use_wps; > const char *pin_wps; > const char *bgscan; > + unsigned int keymgmt; > + GSupplicantMfpOptions ieee80211w; > }; > > typedef struct _GSupplicantSSID GSupplicantSSID; > @@ -339,6 +348,7 @@ bool g_supplicant_peer_is_in_a_group(GSupplicantPeer *peer); > GSupplicantInterface *g_supplicant_peer_get_group_interface(GSupplicantPeer *peer); > bool g_supplicant_peer_is_client(GSupplicantPeer *peer); > bool g_supplicant_peer_has_requested_connection(GSupplicantPeer *peer); > +unsigned int g_supplicant_network_get_keymgmt(GSupplicantNetwork *network); > > struct _GSupplicantCallbacks { > void (*system_ready) (void); > diff --git a/gsupplicant/supplicant.c b/gsupplicant/supplicant.c > index f56b595f..be05575c 100644 > --- a/gsupplicant/supplicant.c > +++ b/gsupplicant/supplicant.c > @@ -92,6 +92,7 @@ static struct strvalmap keymgmt_map[] = { > { "wpa-eap", G_SUPPLICANT_KEYMGMT_WPA_EAP }, > { "wpa-eap-sha256", G_SUPPLICANT_KEYMGMT_WPA_EAP_256 }, > { "wps", G_SUPPLICANT_KEYMGMT_WPS }, > + { "sae", G_SUPPLICANT_KEYMGMT_SAE }, > { } > }; > > @@ -234,6 +235,7 @@ struct _GSupplicantNetwork { > unsigned int wps_capabilities; > GHashTable *bss_table; > GHashTable *config_table; > + unsigned int keymgmt; > }; > > struct _GSupplicantPeer { > @@ -1427,6 +1429,14 @@ bool g_supplicant_peer_has_requested_connection(GSupplicantPeer *peer) > return peer->connection_requested; > } > > +unsigned int g_supplicant_network_get_keymgmt(GSupplicantNetwork *network) > +{ > + if (network == NULL) > + return 0; > + > + return network->keymgmt; > +} > + > static void merge_network(GSupplicantNetwork *network) > { > GString *str; > @@ -1457,7 +1467,8 @@ static void merge_network(GSupplicantNetwork *network) > else if (g_strcmp0(mode, "1") == 0) > g_string_append_printf(str, "_adhoc"); > > - if (g_strcmp0(key_mgmt, "WPA-PSK") == 0) > + if ((g_strcmp0(key_mgmt, "WPA-PSK") == 0) || > + (g_strcmp0(key_mgmt, "SAE") == 0)) > g_string_append_printf(str, "_psk"); > > group = g_string_free(str, FALSE); > @@ -1650,6 +1661,7 @@ static int add_or_replace_bss_to_network(struct g_supplicant_bss *bss) > network->name = create_name(bss->ssid, bss->ssid_len); > network->mode = bss->mode; > network->security = bss->security; > + network->keymgmt = bss->keymgmt; > network->ssid_len = bss->ssid_len; > memcpy(network->ssid, bss->ssid, bss->ssid_len); > network->signal = bss->signal; > @@ -1931,7 +1943,8 @@ static void bss_compute_security(struct g_supplicant_bss *bss) > if (bss->keymgmt & > (G_SUPPLICANT_KEYMGMT_WPA_PSK | > G_SUPPLICANT_KEYMGMT_WPA_FT_PSK | > - G_SUPPLICANT_KEYMGMT_WPA_PSK_256)) > + G_SUPPLICANT_KEYMGMT_WPA_PSK_256 | > + G_SUPPLICANT_KEYMGMT_SAE)) > bss->psk = TRUE; > > if (bss->ieee8021x) > @@ -4890,6 +4903,15 @@ static void add_network_security_proto(DBusMessageIter *dict, > g_free(proto); > } > > +static void add_network_ieee80211w(DBusMessageIter *dict, GSupplicantSSID *ssid) > +{ > + if (!(ssid->keymgmt & G_SUPPLICANT_KEYMGMT_SAE)) > + return; > + > + supplicant_dbus_dict_append_basic(dict, "ieee80211w", DBUS_TYPE_UINT32, > + &ssid->ieee80211w); > +} > + > static void add_network_security(DBusMessageIter *dict, GSupplicantSSID *ssid) > { > char *key_mgmt; > @@ -4907,7 +4929,10 @@ static void add_network_security(DBusMessageIter *dict, GSupplicantSSID *ssid) > add_network_security_ciphers(dict, ssid); > break; > case G_SUPPLICANT_SECURITY_PSK: > - key_mgmt = "WPA-PSK"; > + if (ssid->keymgmt & G_SUPPLICANT_KEYMGMT_SAE) > + key_mgmt = "SAE"; > + else > + key_mgmt = "WPA-PSK"; > add_network_security_psk(dict, ssid); > add_network_security_ciphers(dict, ssid); > add_network_security_proto(dict, ssid); > @@ -4969,6 +4994,8 @@ static void interface_add_network_params(DBusMessageIter *iter, void *user_data) > > add_network_security(&dict, ssid); > > + add_network_ieee80211w(&dict, ssid); > + > supplicant_dbus_dict_append_fixed_array(&dict, "ssid", > DBUS_TYPE_BYTE, &ssid->ssid, > ssid->ssid_len); > diff --git a/plugins/wifi.c b/plugins/wifi.c > index 6233fe11..f990d40c 100644 > --- a/plugins/wifi.c > +++ b/plugins/wifi.c > @@ -167,6 +167,10 @@ struct wifi_data { > int assoc_code; > }; > > +struct wifi_network { > + unsigned int keymgmt; > +}; > + > struct disconnect_data { > struct wifi_data *wifi; > struct connman_network *network; > @@ -809,6 +813,7 @@ static void remove_networks(struct connman_device *device, > for (list = wifi->networks; list; list = list->next) { > struct connman_network *network = list->data; > > + g_free(connman_network_get_data(network)); > connman_device_remove_network(device, network); > connman_network_unref(network); > } > @@ -2148,6 +2153,7 @@ static GSupplicantSecurity network_security(const char *security) > > static void ssid_init(GSupplicantSSID *ssid, struct connman_network *network) > { > + struct wifi_network *network_data = connman_network_get_data(network); > const char *security; > > memset(ssid, 0, sizeof(*ssid)); > @@ -2157,6 +2163,8 @@ static void ssid_init(GSupplicantSSID *ssid, struct connman_network *network) > ssid->scan_ssid = 1; > security = connman_network_get_string(network, "WiFi.Security"); > ssid->security = network_security(security); > + ssid->keymgmt = network_data->keymgmt; > + ssid->ieee80211w = G_SUPPLICANT_MFP_OPTIONAL; > ssid->passphrase = connman_network_get_string(network, > "WiFi.Passphrase"); > > @@ -2801,6 +2809,7 @@ static void network_added(GSupplicantNetwork *supplicant_network) > struct connman_network *network; > GSupplicantInterface *interface; > struct wifi_data *wifi; > + struct wifi_network *network_data; > const char *name, *identifier, *security, *group, *mode; > const unsigned char *ssid; > unsigned int ssid_len; > @@ -2849,8 +2858,19 @@ static void network_added(GSupplicantNetwork *supplicant_network) > } > > wifi->networks = g_slist_prepend(wifi->networks, network); > + > + network_data = g_try_new0(struct wifi_network, 1); > + if (!network_data) { > + connman_error("Out of memory creating wifi network"); > + return; > + } > + connman_network_set_data(network, network_data); > } > > + network_data = connman_network_get_data(network); > + network_data->keymgmt = > + g_supplicant_network_get_keymgmt(supplicant_network); > + > if (name && name[0] != '\0') > connman_network_set_name(network, name); > > @@ -2918,6 +2938,7 @@ static void network_removed(GSupplicantNetwork *network) > > wifi->networks = g_slist_remove(wifi->networks, connman_network); > > + g_free(connman_network_get_data(connman_network)); > connman_device_remove_network(wifi->device, connman_network); > connman_network_unref(connman_network); > } > ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [RFC connman v2 1/1] WIP: Add wpa_supplicant WPA3-SAE support 2021-05-27 21:41 ` [RFC connman v2 1/1] WIP: " Ariel D'Alessandro @ 2021-06-14 7:00 ` Daniel Wagner 2021-06-14 7:00 ` Daniel Wagner 2021-07-30 18:28 ` Ariel D'Alessandro 2 siblings, 0 replies; 11+ messages in thread From: Daniel Wagner @ 2021-06-14 7:00 UTC (permalink / raw) To: Ariel D'Alessandro Cc: connman, iwd, Sven.Dembianny, andrew.shadura, niraj.g, n.chaprana, marcel Hi Ariel, On Thu, May 27, 2021 at 06:41:34PM -0300, Ariel D'Alessandro wrote: > Implement WPA3-SAE authentication on connman side using wpa_supplicant > backend. > > Initially based on Tizen project: > > https://review.tizen.org/git/?p=platform/upstream/connman.git > > Signed-off-by: Ariel D'Alessandro <ariel.dalessandro@collabora.com> We don't do the SOB, so I just dropped. I applied the patch, there were small style issues which I fixed it directly. Probably we should update the documentation which wpa_supplicant version is needed to support WPA3. Thanks, Daniel ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [RFC connman v2 1/1] WIP: Add wpa_supplicant WPA3-SAE support @ 2021-06-14 7:00 ` Daniel Wagner 0 siblings, 0 replies; 11+ messages in thread From: Daniel Wagner @ 2021-06-14 7:00 UTC (permalink / raw) To: iwd [-- Attachment #1: Type: text/plain, Size: 601 bytes --] Hi Ariel, On Thu, May 27, 2021 at 06:41:34PM -0300, Ariel D'Alessandro wrote: > Implement WPA3-SAE authentication on connman side using wpa_supplicant > backend. > > Initially based on Tizen project: > > https://review.tizen.org/git/?p=platform/upstream/connman.git > > Signed-off-by: Ariel D'Alessandro <ariel.dalessandro@collabora.com> We don't do the SOB, so I just dropped. I applied the patch, there were small style issues which I fixed it directly. Probably we should update the documentation which wpa_supplicant version is needed to support WPA3. Thanks, Daniel ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [RFC connman v2 1/1] WIP: Add wpa_supplicant WPA3-SAE support 2021-06-14 7:00 ` Daniel Wagner @ 2021-06-14 11:50 ` Ariel D'Alessandro -1 siblings, 0 replies; 11+ messages in thread From: Ariel D'Alessandro @ 2021-06-14 11:50 UTC (permalink / raw) To: Daniel Wagner Cc: connman, iwd, Sven.Dembianny, andrew.shadura, niraj.g, n.chaprana, marcel Hi Daniel, On 6/14/21 4:00 AM, Daniel Wagner wrote: > Hi Ariel, > > On Thu, May 27, 2021 at 06:41:34PM -0300, Ariel D'Alessandro wrote: >> Implement WPA3-SAE authentication on connman side using wpa_supplicant >> backend. >> >> Initially based on Tizen project: >> >> https://review.tizen.org/git/?p=platform/upstream/connman.git >> >> Signed-off-by: Ariel D'Alessandro <ariel.dalessandro@collabora.com> > > We don't do the SOB, so I just dropped. Ok. > > I applied the patch, there were small style issues which I fixed it > directly. Great! Thanks a lot for your help. > > Probably we should update the documentation which wpa_supplicant version > is needed to support WPA3. Which doc files should be updated? I can take a look at that and put some notes together. Regards, Ariel ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [RFC connman v2 1/1] WIP: Add wpa_supplicant WPA3-SAE support @ 2021-06-14 11:50 ` Ariel D'Alessandro 0 siblings, 0 replies; 11+ messages in thread From: Ariel D'Alessandro @ 2021-06-14 11:50 UTC (permalink / raw) To: iwd [-- Attachment #1: Type: text/plain, Size: 827 bytes --] Hi Daniel, On 6/14/21 4:00 AM, Daniel Wagner wrote: > Hi Ariel, > > On Thu, May 27, 2021 at 06:41:34PM -0300, Ariel D'Alessandro wrote: >> Implement WPA3-SAE authentication on connman side using wpa_supplicant >> backend. >> >> Initially based on Tizen project: >> >> https://review.tizen.org/git/?p=platform/upstream/connman.git >> >> Signed-off-by: Ariel D'Alessandro <ariel.dalessandro@collabora.com> > > We don't do the SOB, so I just dropped. Ok. > > I applied the patch, there were small style issues which I fixed it > directly. Great! Thanks a lot for your help. > > Probably we should update the documentation which wpa_supplicant version > is needed to support WPA3. Which doc files should be updated? I can take a look at that and put some notes together. Regards, Ariel ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [RFC connman v2 1/1] WIP: Add wpa_supplicant WPA3-SAE support 2021-06-14 11:50 ` Ariel D'Alessandro @ 2021-06-14 11:57 ` Daniel Wagner -1 siblings, 0 replies; 11+ messages in thread From: Daniel Wagner @ 2021-06-14 11:57 UTC (permalink / raw) To: Ariel D'Alessandro Cc: connman, iwd, Sven.Dembianny, andrew.shadura, niraj.g, n.chaprana, marcel Hi Ariel, On Mon, Jun 14, 2021 at 08:50:10AM -0300, Ariel D'Alessandro wrote: > > I applied the patch, there were small style issues which I fixed it > > directly. > > Great! Thanks a lot for your help. Thanks for your contribution. Really appreciated. > > Probably we should update the documentation which wpa_supplicant version > > is needed to support WPA3. > > Which doc files should be updated? I can take a look at that and put > some notes together. There was some recommendation on the wpa_supplicant version in the README. I wonder if this is still valid. Thanks, Daniel ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [RFC connman v2 1/1] WIP: Add wpa_supplicant WPA3-SAE support @ 2021-06-14 11:57 ` Daniel Wagner 0 siblings, 0 replies; 11+ messages in thread From: Daniel Wagner @ 2021-06-14 11:57 UTC (permalink / raw) To: iwd [-- Attachment #1: Type: text/plain, Size: 606 bytes --] Hi Ariel, On Mon, Jun 14, 2021 at 08:50:10AM -0300, Ariel D'Alessandro wrote: > > I applied the patch, there were small style issues which I fixed it > > directly. > > Great! Thanks a lot for your help. Thanks for your contribution. Really appreciated. > > Probably we should update the documentation which wpa_supplicant version > > is needed to support WPA3. > > Which doc files should be updated? I can take a look at that and put > some notes together. There was some recommendation on the wpa_supplicant version in the README. I wonder if this is still valid. Thanks, Daniel ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [RFC connman v2 1/1] WIP: Add wpa_supplicant WPA3-SAE support 2021-05-27 21:41 ` [RFC connman v2 1/1] WIP: " Ariel D'Alessandro 2021-06-02 17:05 ` Ariel D'Alessandro 2021-06-14 7:00 ` Daniel Wagner @ 2021-07-30 18:28 ` Ariel D'Alessandro 2021-08-02 6:55 ` Daniel Wagner 2 siblings, 1 reply; 11+ messages in thread From: Ariel D'Alessandro @ 2021-07-30 18:28 UTC (permalink / raw) To: iwd [-- Attachment #1: Type: text/plain, Size: 1860 bytes --] Hi all, This patch has been merged already. However, I'd like to have your comments, see below. On 5/27/21 6:41 PM, Ariel D'Alessandro wrote: > Implement WPA3-SAE authentication on connman side using wpa_supplicant > backend. > > Initially based on Tizen project: > > https://review.tizen.org/git/?p=platform/upstream/connman.git > > Signed-off-by: Ariel D'Alessandro <ariel.dalessandro@collabora.com> > --- > gsupplicant/gsupplicant.h | 10 ++++++++++ > gsupplicant/supplicant.c | 33 ++++++++++++++++++++++++++++++--- > plugins/wifi.c | 21 +++++++++++++++++++++ > 3 files changed, 61 insertions(+), 3 deletions(-) [snip] > diff --git a/plugins/wifi.c b/plugins/wifi.c > index 6233fe11..f990d40c 100644 > --- a/plugins/wifi.c > +++ b/plugins/wifi.c[snip]> @@ -2148,6 +2153,7 @@ static GSupplicantSecurity network_security(const char *security) > > static void ssid_init(GSupplicantSSID *ssid, struct connman_network *network) > { > + struct wifi_network *network_data = connman_network_get_data(network); > const char *security; > > memset(ssid, 0, sizeof(*ssid)); > @@ -2157,6 +2163,8 @@ static void ssid_init(GSupplicantSSID *ssid, struct connman_network *network) > ssid->scan_ssid = 1; > security = connman_network_get_string(network, "WiFi.Security"); > ssid->security = network_security(security); > + ssid->keymgmt = network_data->keymgmt; > + ssid->ieee80211w = G_SUPPLICANT_MFP_OPTIONAL; Should this be G_SUPPLICANT_MFP_REQUIRED? According to wpa_supplicant docs [0] section "# ieee80211w:": it is stated "WPA3-Personal-only mode: ieee80211w=2 and key_mgmt=SAE". This means that the parameter ieee80211w has to be set to 2 (required) if SAE is used. Should this be fixed? [0] https://w1.fi/cgit/hostap/plain/wpa_supplicant/wpa_supplicant.conf Regards, Ariel ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [RFC connman v2 1/1] WIP: Add wpa_supplicant WPA3-SAE support 2021-07-30 18:28 ` Ariel D'Alessandro @ 2021-08-02 6:55 ` Daniel Wagner 0 siblings, 0 replies; 11+ messages in thread From: Daniel Wagner @ 2021-08-02 6:55 UTC (permalink / raw) To: iwd [-- Attachment #1: Type: text/plain, Size: 1108 bytes --] Hi Ariel, On Fri, Jul 30, 2021 at 03:28:57PM -0300, Ariel D'Alessandro wrote: > > static void ssid_init(GSupplicantSSID *ssid, struct connman_network *network) > > { > > + struct wifi_network *network_data = connman_network_get_data(network); > > const char *security; > > > > memset(ssid, 0, sizeof(*ssid)); > > @@ -2157,6 +2163,8 @@ static void ssid_init(GSupplicantSSID *ssid, struct connman_network *network) > > ssid->scan_ssid = 1; > > security = connman_network_get_string(network, "WiFi.Security"); > > ssid->security = network_security(security); > > + ssid->keymgmt = network_data->keymgmt; > > + ssid->ieee80211w = G_SUPPLICANT_MFP_OPTIONAL; > > Should this be G_SUPPLICANT_MFP_REQUIRED? > > According to wpa_supplicant docs [0] section "# ieee80211w:": it is > stated "WPA3-Personal-only mode: ieee80211w=2 and key_mgmt=SAE". This > means that the parameter ieee80211w has to be set to 2 (required) if SAE > is used. > > Should this be fixed? Yes, I agree. According the docs this should be set to required. Are you sending a patch? Thanks, Daniel ^ permalink raw reply [flat|nested] 11+ messages in thread
end of thread, other threads:[~2021-08-02 6:55 UTC | newest] Thread overview: 11+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2021-05-27 21:41 [RFC connman v2 0/1] Add wpa_supplicant WPA3-SAE support Ariel D'Alessandro 2021-05-27 21:41 ` [RFC connman v2 1/1] WIP: " Ariel D'Alessandro 2021-06-02 17:05 ` Ariel D'Alessandro 2021-06-14 7:00 ` Daniel Wagner 2021-06-14 7:00 ` Daniel Wagner 2021-06-14 11:50 ` Ariel D'Alessandro 2021-06-14 11:50 ` Ariel D'Alessandro 2021-06-14 11:57 ` Daniel Wagner 2021-06-14 11:57 ` Daniel Wagner 2021-07-30 18:28 ` Ariel D'Alessandro 2021-08-02 6:55 ` Daniel Wagner
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.