eitanb at ti.com
Thu Sep 8 03:46:21 EDT 2005
Thanks for the response :)
Regarding Pre-authentication, a few more questions:
1. When the driver generates the EVENT_PMKID_CANDIDATE event, this is
done per BSSID, right? Meaning the driver should parse scan results, for
APs with same SSID, and generate EVENT_PMKID_CANDIDATE event per AP?
2. Does the driver have to wait for a SET-PMKID (pre-auth complete) to
be called before issuing a new EVENT_PMKID_CANDIDATE event? Or can it
send a few events as a bunch and then wait for all results?
3. Can the driver called EVENT_PMKID_CANDIDATE with current (connected)
4. Regarding pre-auth failure, I will probably modify the event handler
to start a timeout per BSSID and then notify the driver of failure. I
currently need this since it is a driver requirement (host CPU must be
informed of end of pre-authentication process so it would be able to
power-down if idle).
Besides timeout of a request, is there a specific fail message sent by
APs in case of pre-auth failure?
THANKS AGAIN :)
From: hostap-bounces+eitanb=ti.com at shmoo.com
[mailto:hostap-bounces+eitanb=ti.com at shmoo.com] On Behalf Of Jouni
Sent: Thursday, September 08, 2005 10:24 AM
To: hostap at shmoo.com
Subject: Re: wpa-supplicant questions
On Wed, Sep 07, 2005 at 07:48:49PM +0300, Bar, Eitan wrote:
> 1. Does OpenSSL have to be compiled and linked along wpa-supplicant
> even if only WPA(2)-PSK is used?
No, wpa_supplicant includes internal implementation for MD5/SHA1/AES
that will be used if not TLS library is linked in (e.g., if no EAP
method is selected in .config).
> 3. In case my driver "needs" to be responsible for AP (BSSID)
> selection, setting ap_scan=2 in the config file should do the trick,
Yes as long as the driver_*.c code for the driver knows how to configure
the driver properly for this.
> 4. After successful connection with WPA-PSK (for example), If my
> driver performs roaming to another WPA-PSK AP, is it enough for my
> driver to simply signal the wpa-supplicant of the roaming-event
> EVENT_ASSOC event ? Will the wpa-supplicant then simply initiate EAPOL
> sequence accordingly (of course after Get-WPA-IE etc etc)?
> 5. Can somebody please explain sequence of events with
> a. Who initiates pre-authenticaion? (driver request or
> wpa-supplicant performs this alone?)
wpa_supplicant initiates pre-authentication based on information from
> b. If wpa-supplicant initiates this, does it still do so if
> "ap-scan=2"? Since list of other APs with same SSID can only be
> retrieved through get-scan-results API
Yes, but with ap_scan=2 the driver has to be generating
EVENT_PMKID_CANDIDATE events since wpa_supplicant does not get knowledge
about pre-authentication candidates from scan results in this case.
> d. Can the driver be notified of success/failure of
> pre-authenticaion process? (I mean besides set-pmkid per AP)
I'm not aware of any need for doing this. Success is indeed notified
by setting PMKID for the matching BSSID. What would the driver do with
> e. In which cases flush_pmkid and remove_pmkid are called?
flush_pmkid is not currently called by wpa_supplicant core code, but it
could end up being used whenever wpa_supplicant is terminated.
remove_pmkid is used when there is no room for new PMKSA entries or if a
PMKSA entry expires.
Jouni Malinen PGP id EFC895FA
HostAP mailing list
HostAP at shmoo.com
More information about the HostAP