All of lore.kernel.org
 help / color / mirror / Atom feed
From: James Prestwood <prestwoj@gmail.com>
To: "linux-wireless@vger.kernel.org" <linux-wireless@vger.kernel.org>
Subject: brcmfmac: Getting IEs from CMD_ROAM
Date: Thu, 11 Mar 2021 14:00:49 -0800	[thread overview]
Message-ID: <76d03f421dd7db33755675e424541a64aac95310.camel@gmail.com> (raw)

Hi,

Adding FW roaming support to IWD has led me down this rabbit hole with
CMD_ROAM, and I am attempting to understand how wpa_supplicant handles
this. The brcmfmac card I am using sends a CMD_ROAM event which
contains some response IEs but no RSN element (nor any scan information
like frequency, rssi, etc, thats another topic). This prevents the
supplicant from being able to complete the 4-way handshake.

Now, I have a dirty hack to re-use the previous BSS's RSN element which
*works* but this will break e.g. roaming between WPA1 <-> WPA2, plus
802.11 requires that the authenticator IE is verified during the 4-way, 
which cant reliably happen if we just use an arbitrary RSN element from
another BSS.

Is this a known issue? I'm trying to read the code in wpa_supplicant
and its making my head spin. It does attempt to parse the RSN element
from CMD_ROAM, but I expect that fails since its not included. If it
doesn't get it from CMD_ROAM where does it get it from? Or does it
spoof it like I am?

Thanks,
James


             reply	other threads:[~2021-03-11 22:01 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-03-11 22:00 James Prestwood [this message]
2021-03-11 22:54 ` brcmfmac: Getting IEs from CMD_ROAM James Prestwood

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=76d03f421dd7db33755675e424541a64aac95310.camel@gmail.com \
    --to=prestwoj@gmail.com \
    --cc=linux-wireless@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.