| Message ID | 1535137289-5425-2-git-send-email-greearb@candelatech.com |
|---|---|
| State | Changes Requested |
| Headers | show |
| Series | [1/2] supported op class should take freq-list into account. | expand |
On 01/07/2019 03:23 PM, Jouni Malinen wrote: > On Fri, Aug 24, 2018 at 12:01:29PM -0700, greearb@candelatech.com wrote: >> This provides a work-around for cases where the AP (most likely) >> has bugs when this element exists and/or has 5Ghz elements when >> the AP is evidently unexpecting that. >> >> Test case that required this fix is a DPC3941 AP, configured with >> 2.4G radio to have WPA2 PSK. Client station is ath10k 9880. >> The symptom is that the client radio does not ack the 1/4 eapol. >> I do not know exactly why, but maybe it is corrupted in some suble >> way that I did not notice. > > This sounds really strange. I cannot think of many reasons of the > Supported Operating Classes element having impact for EAPOL-Key msg > 1/4.. Some kind of really strange corruption that hits completely > unrelated area, etc. > > Have you seen this with any other AP devices? > > In general, I don't really like user configurable parameters for this > type of workarounds, i.e., it would be much better for users not to have > to know about this in the first place. Most users would have no idea how > to enable something like this in wpa_supplicant (and in most cases, they > would not even have means of editing the configuration file on a device > that uses wpa_supplicant). In other words, this should really be > detected and enabled automatically only if the AP really needs this. > Unfortunately, there is not much details here to determine what exactly > is behind this and the particular AP you mention here seems to be > out-of-life, so there may not be much of a chance of getting support > from the vendor either. > Evidently there are other APs that this happens on, though they use the same (or similar enough) 2.4Ghz ath chip (and presumably similar vendor driver/firmware). I don't know of a good way to auto-detect this...it was painful to debug this to begin with. At least one large company is using these currently in their lab and appear to be developing new stuff with them. I also managed to get pertinent info to a QCA support person but that was a black hole so no idea if they plan to fix it or not. Considering these APs are in the wild, I think you need an option to enable this hack-around. At least then there is a chance to work around it by configuration instead of recompile, and maybe someone else can find a better way to auto-detect this problem. Thanks, Ben
On Fri, Aug 24, 2018 at 12:01:29PM -0700, greearb@candelatech.com wrote: > This provides a work-around for cases where the AP (most likely) > has bugs when this element exists and/or has 5Ghz elements when > the AP is evidently unexpecting that. > > Test case that required this fix is a DPC3941 AP, configured with > 2.4G radio to have WPA2 PSK. Client station is ath10k 9880. > The symptom is that the client radio does not ack the 1/4 eapol. > I do not know exactly why, but maybe it is corrupted in some suble > way that I did not notice. This sounds really strange. I cannot think of many reasons of the Supported Operating Classes element having impact for EAPOL-Key msg 1/4.. Some kind of really strange corruption that hits completely unrelated area, etc. Have you seen this with any other AP devices? In general, I don't really like user configurable parameters for this type of workarounds, i.e., it would be much better for users not to have to know about this in the first place. Most users would have no idea how to enable something like this in wpa_supplicant (and in most cases, they would not even have means of editing the configuration file on a device that uses wpa_supplicant). In other words, this should really be detected and enabled automatically only if the AP really needs this. Unfortunately, there is not much details here to determine what exactly is behind this and the particular AP you mention here seems to be out-of-life, so there may not be much of a chance of getting support from the vendor either.
diff --git a/wpa_supplicant/config.c b/wpa_supplicant/config.c index 9b751ec..6e5c5d8 100644 --- a/wpa_supplicant/config.c +++ b/wpa_supplicant/config.c @@ -4745,6 +4745,7 @@ static const struct global_parse_data global_fields[] = { { INT(p2p_go_max_inactivity), 0 }, { INT_RANGE(auto_interworking, 0, 1), 0 }, { INT(okc), 0 }, + { INT(no_oper_classes_ie), 0 }, { INT(pmf), 0 }, { FUNC(sae_groups), 0 }, { INT(dtim_period), 0 }, diff --git a/wpa_supplicant/config.h b/wpa_supplicant/config.h index f9afd7a..8f562c8 100644 --- a/wpa_supplicant/config.h +++ b/wpa_supplicant/config.h @@ -1165,6 +1165,16 @@ struct wpa_config { int okc; /** + * At least some APs (dpc3941) will not reliably associate a station on the + * 2.4Ghz radio with at least some client devices (ath10k 9880) if the + * supported operating classes IE advertises 2.4 and 5Ghz range + * (81, 83, 84, 115 ... 130) + * So, allow users to disable the operating-class IE in order to work around + * this. + */ + int no_oper_classes_ie; + + /** * pmf - Whether to enable/require PMF by default * * By default, PMF is disabled unless enabled by the per-network diff --git a/wpa_supplicant/sme.c b/wpa_supplicant/sme.c index 90d0353..16dd61f 100644 --- a/wpa_supplicant/sme.c +++ b/wpa_supplicant/sme.c @@ -473,10 +473,12 @@ static void sme_send_authentication(struct wpa_supplicant *wpa_s, sme_auth_handle_rrm(wpa_s, bss); - wpa_s->sme.assoc_req_ie_len += wpas_supp_op_class_ie( - wpa_s, bss->freq, - wpa_s->sme.assoc_req_ie + wpa_s->sme.assoc_req_ie_len, - sizeof(wpa_s->sme.assoc_req_ie) - wpa_s->sme.assoc_req_ie_len); + if (!wpa_s->conf->no_oper_classes_ie) { + wpa_s->sme.assoc_req_ie_len += wpas_supp_op_class_ie( + wpa_s, bss->freq, + wpa_s->sme.assoc_req_ie + wpa_s->sme.assoc_req_ie_len, + sizeof(wpa_s->sme.assoc_req_ie) - wpa_s->sme.assoc_req_ie_len); + } if (params.p2p) wpa_drv_get_ext_capa(wpa_s, WPA_IF_P2P_CLIENT); diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c index 2aef867..533cdd7 100644 --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c @@ -2655,7 +2655,7 @@ static u8 * wpas_populate_assoc_ies( os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info)); #endif /* CONFIG_P2P */ - if (bss) { + if (bss && !(wpa_s->conf->no_oper_classes_ie)) { wpa_ie_len += wpas_supp_op_class_ie(wpa_s, bss->freq, wpa_ie + wpa_ie_len, max_wpa_ie_len - diff --git a/wpa_supplicant/wpa_supplicant.conf b/wpa_supplicant/wpa_supplicant.conf index e3a5bcb..010695b 100644 --- a/wpa_supplicant/wpa_supplicant.conf +++ b/wpa_supplicant/wpa_supplicant.conf @@ -370,6 +370,15 @@ fast_reauth=1 # can be disabled with per-network proactive_key_caching=0 parameter. #okc=0 +# At least some APs (dpc3941) will not reliably associate a station on the +# 2.4Ghz radio with at least some client devices (ath10k 9880) if the +# supported operating classes IE advertises 2.4 and 5Ghz range +# (81, 83, 84, 115 ... 130) +# So, allow users to disable the operating-class IE in order to work around +# this. Default is to set this to 0 (enable oper-classes-ie) +# Set it to 1 to disable the oper-classes-ie +#no_oper_classes_ie=0 + # Protected Management Frames default # This parameter can be used to set the default behavior for the ieee80211w # parameter for RSN networks. By default, PMF is disabled unless enabled with