git.ipfire.org Git - thirdparty/hostap.git/commit

author	Michael Braun <michael-dev@fami-braun.de>
	Wed, 24 Feb 2016 11:53:36 +0000 (12:53 +0100)
committer	Jouni Malinen <j@w1.fi>
	Sun, 28 Feb 2016 16:46:05 +0000 (18:46 +0200)
commit	f8e09bc57e95c14e68ae0af1c3b1854a3f3ac22e
tree	5325a4e9738be33fda78de37c52c5efd9b195c91	tree
parent	cc9c805a51cc6790d30d2f118055081644dae5b5	commit \| diff

Defer passphrase-to-PSK hashing out of 802.11 authentication ACL check

Hashing takes quite some time (can be about one second on a low-power
CPU for each passphrase provided), so hostapd can easily hit the 900 ms
Wi-Fi client authentication deadline (mac80211 uses 3x 300 ms). This can
be fixed by storing the passphrase instead of PSK with the STA and defer
the hashing into the WPA/RSN 4-way handshake, when enumerating all PSKs.

This applies for the case where a RADIUS server is used to store the
per-STA passphrases and this passphrase is delivered as part of the MAC
ACL check during IEEE 802.11 Authentication frame processing.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>

src/ap/ap_config.h		diff \| blob \| blame \| history
src/ap/ieee802_11_auth.c		diff \| blob \| blame \| history
src/ap/wpa_auth_glue.c		diff \| blob \| blame \| history