[PATCH v2 00/20] mesh support for wpa_supplicant

Bob Copeland me at bobcopeland.com
Mon Oct 20 09:07:34 EDT 2014


On Sun, Oct 19, 2014 at 01:26:35PM +0300, Jouni Malinen wrote:
> On Mon, Sep 01, 2014 at 12:23:19AM -0400, Bob Copeland wrote:
> > This is an updated posting of the mesh-for-wpa_supplicant patchset,
> > which allows creating an open or secure (SAE) 802.11s mesh.
> 
> I merged in couple of the clear cases from the temporary mesh branch
> into the master branch.

Great, thanks!

> FIX: This breaks SAE-on-non-mesh-AP case. SAE_COMMITTED handler in
> sae_sm_step() sends out two Authentication frames which is not used in
> non-mesh case. The non-mesh exchange is: STA->AP tr#1, AP->STA tr#1,
> STA->AP tr#2, AP->STA tr#2. This patch changes the second step to be
> AP->STA tr#1 and tr#2 (that final tr#2 is still included in the end)

> I'm not sure how this could be fixed cleanly taken into account the
> somewhat difficult SAE state machine design from the view point of the
> strange exchange for non-mesh case. Maybe just skipping
> auth_sae_send_confirm() + setting state to SAE_CONFIRMED from
> SAE_NOTHING handler for non-mesh cases(?).

Yeah, if it just sent only commit and transitioned to SAE_COMMITED state
that should work.  Is the STA<->AP exchange variant documented somewhere?
I only know about 802.11-2012 11.3.

Also it seems wrong that AP->STA would send the tr#2 (confirm) frame
more than once in the normal case.  It should be transitioning out of
COMMITTED into ACCEPTED state without replying, i.e., I would expect it to
look like (as I wrote it):

    sta --- COMMIT  --> ap
    sta <-- COMMIT  --- ap
    sta <-- CONFIRM --- ap
    sta --- CONFIRM --> ap

...without another CONFIRM frame from the AP.

-- 
Bob Copeland %% www.bobcopeland.com


More information about the HostAP mailing list