Jouni Malinen [Fri, 28 Jan 2022 15:28:49 +0000 (17:28 +0200)]
DPP: Fix connection result reporting when using TCP
The TCP code path did not handle the postponed connection attempt on TX
status and the following result message from the Enrollee to the
Configurator. Fix this by adding TCP-versions of these operations to
match the way wpa_supplicant implemented this for the Public Action
frames.
Jouni Malinen [Tue, 25 Jan 2022 18:06:49 +0000 (20:06 +0200)]
DPP: Change PKEX version configuration design
Use a separate ver=<1|2> parameter to DPP_PKEX_ADD instead of
overloading init=1 with version indication. This allows additional
options for forcing v1-only and v2-only in addition to automatic mode
(start with v2 and fall back to v1, if needed).
Jouni Malinen [Mon, 24 Jan 2022 18:57:19 +0000 (20:57 +0200)]
DPP3: Add PKEX initiator retries and fallback from v2 to v1 for hostapd
This extends hostapd with the design used in wpa_supplicant for PKEX
initiator retries and automatic version fallback from v2 to v1 (the
latter is enabled only with CONFIG_DPP3=y).
Jouni Malinen [Mon, 24 Jan 2022 18:21:24 +0000 (20:21 +0200)]
DPP3: Start with PKEXv2 and fall back to v1
Use automatic PKEX version negotiation as the initiator by starting with
PKEXv2 and if no response is received, trying again with PKEXv1. For
now, this is enabled only in wpa_supplicant CONFIG_DPP3=y builds.
Qiwei Cai [Wed, 5 Jan 2022 05:04:24 +0000 (13:04 +0800)]
P2P: Send response frame on channel where the request is received
The rx_freq of Public Action frame was not maintained by the GO and the
GO always sent the response on the operating channel. This causes
provision discovery failure when a P2P Device is sending a PD Request on
a 2.4 GHz social channel and the GO is responding on a 5 GHz operating
channel.
Save the rx_freq and use it for GO to sent the response. This extends
commit c5cc7a59acb2 ("Report offchannel RX frame frequency to hostapd")
to cover additional frame types.
Extend the peer queue flush command with following attributes
1. Enable to flush per TID peer queue
2. Enable to configure when to flush the peer/TID queue
Jouni Malinen [Sun, 16 Jan 2022 20:46:15 +0000 (22:46 +0200)]
Preparations for v2.10 release
Update the version number for the build and also add the ChangeLog
entries for both hostapd and wpa_supplicant to describe main changes
between v2.9 and v2.10.
Jouni Malinen [Fri, 7 Jan 2022 16:52:27 +0000 (18:52 +0200)]
EAP-pwd: Derive the y coordinate for PWE with own implementation
The crypto_ec_point_solve_y_coord() wrapper function might not use
constant time operations in the crypto library and as such, could leak
side channel information about the password that is used to generate the
PWE in the hunting and pecking loop. As such, calculate the two possible
y coordinate values and pick the correct one to use with constant time
selection.
Jouni Malinen [Fri, 7 Jan 2022 11:47:16 +0000 (13:47 +0200)]
SAE: Derive the y coordinate for PWE with own implementation
The crypto_ec_point_solve_y_coord() wrapper function might not use
constant time operations in the crypto library and as such, could leak
side channel information about the password that is used to generate the
PWE in the hunting and pecking loop. As such, calculate the two possible
y coordinate values and pick the correct one to use with constant time
selection.
Vishal Miskin [Thu, 2 Dec 2021 06:49:22 +0000 (12:19 +0530)]
Defined a driver interface for periodic TSF sync feature
Add a QCA vendor netlink interface to start/stop periodic TSF sync
feature and also support configuration of interval value as part of TSF
sync start command. In addition, improve documentation for the related
attributes and values.
Add a QCA vendor attribute to indicate ACS over EHT
Add QCA_WLAN_VENDOR_ATTR_ACS_EHT_ENABLED flag attribute to conduct ACS
for EHT mode. The driver can consider EHT specific parameters such as
puncture pattern for ACS when this flag attribute is indicated by
userspace.
Jouni Malinen [Tue, 11 Jan 2022 16:02:53 +0000 (18:02 +0200)]
Clear roam/BSS TM in progress flags for additional cases
It looks like the recently added roam_in_progress and
bss_trans_mgmt_in_progress flags could end up getting set, but not
cleared, in some cases. Make sure these get cleared on explicit
disconnection request and also in case the SME-in-driver path is used
(while that path does not really use these flags yet, it is better to
not allow them to be forgotten to be set should it be extended to cover
similar functionality).
Nicolas Norvez [Wed, 5 Jan 2022 01:35:13 +0000 (01:35 +0000)]
Reject authentication start during BSS TM requests
After receiving a BSS Transition Management request,
wpa_supplicant_connect() will abort ongoing scans, which will cause scan
results to be reported. Since the reassociate bit is set, this will
trigger a connection attempt based on the aborted scan's scan results
and cancel the initial connection request. This often causes
wpa_supplicant to reassociate to the same AP it is currently associated
to instead of the AP it was asked to transition to.
Add a bss_trans_mgmt_in_progress flag to indicate that we're currently
transitioning to a different AP so that we don't initiate another
connection attempt based on the possibly received scan results from a
scan that was in progress at the time the BSS Transition Management
request was received.
This is the equivalent of commit 5ac977758d35 ("Reject authentication
start during explicit roam requests") for the roaming scenario.
Signed-off-by: Nicolas Norvez <norvez@chromium.org>
Jouni Malinen [Tue, 11 Jan 2022 15:37:32 +0000 (17:37 +0200)]
OpenSSL: Update security level drop for TLS 1.0/1.1 with OpenSSL 3.0
OpenSSL 3.0 dropped these older TLS versions from the security level 2
to 1, so need to drop the security level all the way to 0 if TLS v1.0 or
v1.1 is explicitly enabled.
Jouni Malinen [Tue, 11 Jan 2022 12:00:43 +0000 (14:00 +0200)]
OpenSSL: Fix compressed form encoding for subjectPublicKey with 3.0
It looks like EC_KEY_set_conv_form() for the EC_KEY within the EVP_PKEY
does not take effect for i2d_PUBKEY() with OpenSSL 3.0, so allocate a
new wrapper EVP_PKEY after the conversion format change to be able to
return the correctly encoded (compressed) value here. This is required
for DPP to work correctly.
Jouni Malinen [Tue, 11 Jan 2022 10:43:19 +0000 (12:43 +0200)]
OpenSSL: Load legacy provider when needed for OpenSSL 3.0
Number of the older algorithms have now been moved into a separate
provider in OpenSSL 3.0 and they are not available by default.
Explicitly load the legacy provider when such an algorithm is needed for
the first time.
In addition, at least for now, load the legacy providers when initiating
TLS context to maintain existing functionality for various private key
formats.
Chenming Huang [Mon, 13 Dec 2021 07:57:58 +0000 (15:57 +0800)]
DPP: Remove dpp-listen radio work when stopping
The radio work starting may be delayed. If the DPP listen operation is
stopped before the radio work starts, the pending dpp-listen radio work
won't get cleaned up, which might lead to failing to start the next DPP
listen operation.
Issue scenario: DPP start -> dpp-listen radio work added but not started
-> DPP stop, pending radio work not cleaned up -> radio work start ->
trying to start DPP but failing because a dpp-listen work already
exists.
This commit removes the potential pending dpp-listen radio
work when DPP stops.
SAE: Make sure BSS entry is available to determine RSNXE information
wpa_supplicant may use wrong SAE authentication method if it doesn't
have the scan result for the target BSS since RSNXE information is not
available.
For example, STA might use the hunting-and-pecking loop method for SAE
authentication even though AP supports SAE H2E and STA is configured
with sae_pwe=2.
This is possible in cases like EXTERNAL_AUTH triggered by the driver
during roaming. To avoid this update scan results to fetch the target
BSS scan result from the driver.
Mukul Sharma [Thu, 16 Dec 2021 18:14:02 +0000 (23:44 +0530)]
Add new vendor attributes to avoid coex unsafe frequencies
Add additional attributes in
QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY_EXT vendor sub command to
avoid usage of unsafe frequencies on wifi interfaces sent from userspace
to the driver/firmware. The driver/firmware shall use restrictions and
power cap accordingly to restrict the usage of these frequencies on
operating interface(s).
Jouni Malinen [Tue, 14 Dec 2021 16:25:43 +0000 (18:25 +0200)]
tests: Fix DPP PKEXv2 capability checks
At least for the time being PKEXv2 needs CONFIG_DPP3=y to work in a
testable manner. Couple of the test cases did not cover this correctly
and resulted in failures (instead of skipping the tests) when the
default build configuration was used. Fix that by checking for DPP
version 3.
Jouni Malinen [Tue, 14 Dec 2021 17:43:54 +0000 (19:43 +0200)]
DPP3: Update version capability indication for hostapd
The "GET_CAPABILITY dpp" command in wpa_supplicant was already extended
to cover DPP version 3, but the matching change for hostapd was
forgotten. Add that now.
peterhuang [Wed, 18 Aug 2021 10:48:53 +0000 (18:48 +0800)]
Update supported channel width set (HT40) after channel switch
hostapd should update Supported Channel Width Set of HT Capability
Information field after channel switching done. Otherwise, it would
continue to use the old setting.
peterhuang [Wed, 18 Aug 2021 10:57:28 +0000 (18:57 +0800)]
Fix channel switch wrapper when switching from HT to VHT/HE
Because ieee80211ac and ieee80211ax were not updated before channel
switch is done, hostapd didn't build the Channel Switch Wrapper element
when it switched from HT to bandwidth more than 40 MHz of VHT/HE. fix
this by allowing hostapd_eid_wb_chsw_wrapper() to determine internally
when the element needs to be added based on the new channel instead of
the old configuration.
Daniel Golle [Tue, 31 Aug 2021 07:44:07 +0000 (10:44 +0300)]
mesh: Make forwarding configurable
Allow mesh_fwding (dot11MeshForwarding) to be specified in a mesh BSS
config, pass that to the driver (only nl80211 implemented for now) and
announce forwarding capability accordingly.
Signed-off-by: José Pekkarinen <jose.pekkarinen@unikie.com> Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Alan Young [Thu, 11 Nov 2021 16:40:05 +0000 (16:40 +0000)]
ACS/DFS: Support min_tx_power configuration
If min_tx_power is specified (default 0 dBm, i.e., no constraint), ACS
and DFS will not consider channels whose available max_tx_power is less
than the configured value.
This may be useful to exclude SRD (Short Range Device) channels which
may be limited to 13.9 dBm (25 mW) in some regulatory domains.
Janusz Dziedzic [Sun, 24 Oct 2021 19:47:49 +0000 (21:47 +0200)]
tests: remotehost: Disable pipe buffering
Before, we could loose some events because of pipe buffering. I saw this
problem when running "ubus listen" or "logread -f" and waiting some
specific events. After disabling buffering this works much better.
Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
Janusz Dziedzic [Sun, 24 Oct 2021 19:48:34 +0000 (21:48 +0200)]
MBO: Fix the allowed range of mbo_assoc_disallow values
This parameter was added with the commit message indicating the valid
reason code values to be 1-5, but with the implementation allowed only
1. There are five defined reason code values for the Association
Disallowed attribute, so extend the allowed range to cover all those
values.
Fixes: fb9a1c3e285d ("hostapd: Add MBO IE to Beacon, Probe Response, Association Response") Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
Damien Dejean [Wed, 8 Dec 2021 07:45:32 +0000 (07:45 +0000)]
D-Bus: Interworking network selection
Add the "InterworkingSelect" method to the DBus API to trigger an
Interworking scan with ANQP fetches. When a BSS that matches a
configured credential is found, the result is emitted using the signal
"InterworkingAPAdded". Completion of the full InterworkingSelect
operation is indicated with the "InterworkingSelectDone" signal.
Add "AddCred", "RemoveCred", and "RemoveAllCreds" methods to the D-Bus
API of the network interface to allow the caller to manipulate a set of
Interworking credentials similarly to the way this was enabled through
the control interface.
Gokul Sivakumar [Wed, 3 Nov 2021 16:50:23 +0000 (22:20 +0530)]
wlantest: Delete each entry from the WEP list before freeing the entry
To be consistent with how all the other dl lists like passphrase, PMK,
and PTK lists are freed, delete each entry from the WEP list before
freeing the entry.
Gokul Sivakumar [Wed, 3 Nov 2021 16:50:22 +0000 (22:20 +0530)]
wlantest: Replace the duplicate functions with reuse of cli.h
The definitions of max_args, get_cmd_arg_num(), and tokenize_cmd() are
already shared by the hostapd_cli and wpa_cli commands by including the
cli.h header. So follow the same for wlantest_cli and remove the
duplicate function defitions.
Gokul Sivakumar [Wed, 3 Nov 2021 16:50:21 +0000 (22:20 +0530)]
wlantest: Add new cli "help" command
Having a help cli command to view all the supported commands is helpful
when running the wlantest_cli manually instead via the python test
scripts.
$ wlantest_cli help
commands:
ping = test connection to wlantest
terminate = terminate wlantest
list_bss = get BSS list
list_sta <BSSID> = get STA list
flush = drop all collected BSS data
clear_sta_counters <BSSID> <STA> = clear STA counters
clear_bss_counters <BSSID> = clear BSS counters
get_sta_counter <counter> <BSSID> <STA> = get STA counter value
get_bss_counter <counter> <BSSID> = get BSS counter value
inject <frame> <prot> <sender> <BSSID> <STA/ff:ff:ff:ff:ff:ff>
send <prot> <raw frame as hex dump>
version = get wlantest version
add_passphrase <passphrase> = add a known passphrase
add_wepkey <WEP key> = add a known WEP key
info_sta <field> <BSSID> <STA> = get STA information
info_bss <field> <BSSID> = get BSS information
clear_tdls_counters <BSSID> <STA1> <STA2> = clear TDLS counters
get_tdls_counter <counter> <BSSID> <STA1> <STA2> = get TDLS counter value
get_bss_counter <counter> <BSSID> = get BSS counter value
relog = re-open log-file (allow rolling logs)
get_tx_tid <BSSID> <STA> <TID> = get STA TX TID counter value
get_rx_tid <BSSID> <STA> <TID> = get STA RX TID counter value
help = show this usage help
$ wlantest_cli help add_passphrase
commands:
add_passphrase <passphrase> = add a known passphrase
Gokul Sivakumar [Wed, 3 Nov 2021 16:50:20 +0000 (22:20 +0530)]
wlantest: Properly free allocated memory on error exit paths
In the cases when a failure is experienced, the value "-1" was returned
from the main() function without doing any cleanup or deinit.
For example, if wlantest was started with the following set of command
line arguments then later when returning after a failure from main()
function, the memory allocated as part of handling the "-p" getopt
command line option was not freed. To fix memory leaks in this case,
properly free the previously allocated memory with the help of
wlantest_deinit() before returning from main().
Memory leak reported by Valgrind when running wlantest as mentioned above.
==513454== HEAP SUMMARY:
==513454== in use at exit: 128 bytes in 1 blocks
==513454== total heap usage: 4 allocs, 3 frees, 5,720 bytes allocated
==513454==
==513454== Searching for pointers to 1 not-freed blocks
==513454== Checked 76,936 bytes
==513454==
==513454== 128 bytes in 1 blocks are definitely lost in loss record 1 of 1
==513454== at 0x483DD99: calloc (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
==513454== by 0x1396CA: os_zalloc (in /home/ubuntu/hostap/wlantest/wlantest)
==513454== by 0x10C345: add_passphrase (wlantest.c:125)
==513454== by 0x10C345: main (wlantest.c:425)
==513454==
==513454== LEAK SUMMARY:
==513454== definitely lost: 128 bytes in 1 blocks
==513454== indirectly lost: 0 bytes in 0 blocks
==513454== possibly lost: 0 bytes in 0 blocks
==513454== still reachable: 0 bytes in 0 blocks
==513454== suppressed: 0 bytes in 0 blocks
==513454==
==513454== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
D-Bus: Capture group ifname before switching to global P2P instance
The P2P DBus interface was using the wrong interface name when calling
wpas_p2p_invite_group(). Capture the group interface name before calling
the method to fix this.
The commit adds an additional check that checks for overlapping BSSs in
addition to the existing 40 MHz intolerance subfield checks. The commit
cites IEEE Std 802.11-2016, 11.16.12, which defines the proper behavior
for a 20/40 MHz HT STA and AP, but the standard actually doesn't say
anything about overlapping BSSs. Specifically, the standard states that
the only BSSs that belong in the Intolerant channel report are those
that satisfy trigger event A, defined as channels with BSSs that don't
contain the HT capabilities element (which wpa_supplicant already did
before). Note that we also include channels with BSSs that have the 40
MHz intolerance bit set in the Intolerant channel report.
Signed-off-by: Matthew Wang <matthewmwang@chromium.org>
Jouni Malinen [Tue, 7 Dec 2021 15:04:48 +0000 (17:04 +0200)]
DPP2: PKEXv2 core protocol changes
Add support for PKEXv2 core protocol. This defines a new PKEX Exchange
Request message type with protocol negotiation and different rules for
key derivation with PKEXv2 or newer is used.
This does not change existing behavior for PKEX, i.e., the PKEXv1
variant will still be used by default.
Jouni Malinen [Fri, 3 Dec 2021 19:04:03 +0000 (21:04 +0200)]
DPP3: Verify version match during Network Introduction
Verify that the Protocol Version attribute is used appropriate in Peer
Discovery Request/Response messages in cases where the signed Connector
includes the version information.
Jouni Malinen [Fri, 3 Dec 2021 14:33:46 +0000 (16:33 +0200)]
DPP3: Use Connector version instead of current version in Peer Discovery
Generate Peer Discovery Request/Response messages using the protected
version from the Connector, if present, instead of the currently
supported protocol version which might be higher than the one that got
included into the signed Connector during provisioning earlier.
Jouni Malinen [Fri, 3 Dec 2021 10:09:18 +0000 (12:09 +0200)]
DPP3: Add build option for version 3 functionality
CONFIG_DPP3=y can now be used to configure hostapd and wpa_supplicant
builds to include DPP version 3 functionality. This functionality is
still under design and the implementation is experimental and not
suitable to be enabled in production uses before the specification has
been finalized.
Jouni Malinen [Fri, 26 Nov 2021 21:30:15 +0000 (23:30 +0200)]
Fix bool type values for setband
wpa_add_scan_freqs_list() was updated to use bool for the is_6ghz
argument, but these callers were missed when updating the values from
0/1 to false/true.
P2P: Remove 6 GHz channels from full scan if 6 GHz not enabled for P2P
The channels included for the scan to connect to a P2P GO are optimized
such that the P2P GO preferred channel and the common channels are
included for the first few scans followed by a full scan in which all
the channels supported by the local device are included. This results in
P2P client including the 6 GHz channels for the full scan after GO
Negotiation even when 6 GHz channels are not used for the P2P
connection.
Exclude the 6 GHz channels from the full scan if 6 GHz channels are
supported but are not used for P2P connection.
Vinay Gannevaram [Thu, 11 Nov 2021 07:09:28 +0000 (12:39 +0530)]
Update AKMP, cipher, PMF for driver-based SME while roaming
After roaming to a new AP using driver-based SME and roaming trigger,
update proto type, AKMP suite, and pairwise cipher suite based on the
(Re)Association Request frame. Update PMF, group cipher, and group mgmt
cipher based on the AP's RSNE into wpa_sm. group_mgmt_cipher needs to be
updated based on PMF capabilities of STA and roamed AP.
mesh: Change channel to frequency based lookup for starting mesh
Channel numbers of the 6 GHz band overlap those of the 2.4 GHz and 5 GHz
bands. Thus converting to frequency based mesh channel selection helps
accommodate 6 GHz mesh.
Aloka Dixit [Tue, 27 Jul 2021 23:42:26 +0000 (16:42 -0700)]
RNR: Do not allow FILS Discovery and unsolicited Probe Response simultaneously
Reduced neighbor report has a field to indicate whether unsolicited
Probe Response transmission is active. Add a check to return failure if
both FILS discovery and unsolicited Probe Response are enabled at the
same time to ensure that RNR includes valid data.
Signed-off-by: Aloka Dixit <alokad@codeaurora.org>
RNR: Allow Probe Response frame for a colocated 6 GHz AP
When a Probe Request frame from a station includes an SSID matching that
of a co-located 6 GHz AP, AP should respond with a Probe Response frame
that includes Reduced Neighbor Report element containing information
regarding the requested BSS.
Signed-off-by: Muna Sinada <msinada@codeaurora.org> Signed-off-by: Aloka Dixit <alokad@codeaurora.org>
Aloka Dixit [Tue, 27 Jul 2021 23:42:24 +0000 (16:42 -0700)]
RNR: Update Beacon frames for 6 GHz colocation
Update 2.4/5 GHz Beacon frames every time Beacon frames for co-located 6
GHz AP(s) are set. This is required for 6 GHz out-of-band discovery so
that lower band Beacon frames will include RNR element with 6 GHz AP
information irrespective of the AP bring-up order. Similarly, RNR is
included in FILS Discovery frames by default in 6 GHz-only mode,
updating the Beacon frames will remove it when co-located 2.4/5 GHz
interfaces are brought up.
This change also ensures that the changes in 6 GHz AP configuration such
as new channel and bandwidth get reflected in the lower bands Beacon
frames.
Signed-off-by: Aloka Dixit <alokad@codeaurora.org>
John Crispin [Tue, 27 Jul 2021 23:42:22 +0000 (16:42 -0700)]
RNR: Additions for a 6 GHz AP
Include Reduced Neighbor Report element in Beacon and Probe Response
frames by default if the reporting AP is 2.4/5 GHz and it is co-located
with a 6 GHz AP. Similarly, include RNR by default in FILS Discovery
frames if the AP is a standalone 6 GHz AP.
Signed-off-by: John Crispin <john@phrozen.org> Co-developed-by: Aloka Dixit <alokad@codeaurora.org> Signed-off-by: Aloka Dixit <alokad@codeaurora.org>
John Crispin [Tue, 27 Jul 2021 23:42:21 +0000 (16:42 -0700)]
RNR: Add co-located BSSes
Calculate the length and include data for the BSSes active on the same
radio as the reporting BSS in the Reduced Neighbor Report element. This
element is included in Beacon and Probe Response frames.
Signed-off-by: John Crispin <john@phrozen.org> Co-developed-by: Pradeep Kumar Chitrapu <pradeepc@codeaurora.org> Signed-off-by: Pradeep Kumar Chitrapu <pradeepc@codeaurora.org> Co-developed-by: Muna Sinada <msinada@codeaurora.org> Signed-off-by: Muna Sinada <msinada@codeaurora.org> Co-developed-by: Aloka Dixit <alokad@codeaurora.org> Signed-off-by: Aloka Dixit <alokad@codeaurora.org>
John Crispin [Tue, 27 Jul 2021 23:42:20 +0000 (16:42 -0700)]
RNR: Add data from neighbor database
Include data from the existing neighbor database in the Reduced Neighbor
Report element in Beacon frames if the configuration option 'rnr' is
enabled for the BSS.
Signed-off-by: John Crispin <john@phrozen.org> Signed-off-by: Muna Sinada <msinada@codeaurora.org> Co-developed-by: Aloka Dixit <alokad@codeaurora.org> Signed-off-by: Aloka Dixit <alokad@codeaurora.org>
Jouni Malinen [Mon, 8 Nov 2021 21:42:02 +0000 (23:42 +0200)]
Share a common error path for SET_NEIGHBOR control interface command
Instead of constructing a custom error handler freeing the same set of
allocated memory areas on various error cases, share the success path
freeing implementation for the error cases as well.
John Crispin [Tue, 27 Jul 2021 23:42:17 +0000 (16:42 -0700)]
RNR: Add bss_parameters to the neighbor_db
Add a new field to include BSS Parameter subfield in the neighbor
database as described in IEEE Std 802.11ax-2021, Figure 9-632a (BSS
Parameters subfield format). This field holds information related to
multiple BSSID, access point co-location, and 20 TU probe response
active/inactive state.
Signed-off-by: John Crispin <john@phrozen.org> Signed-off-by: Aloka Dixit <alokad@codeaurora.org>
Vinay Gannevaram [Thu, 28 Oct 2021 17:51:00 +0000 (23:21 +0530)]
Update AKMP and proto for driver-based SME while roaming
After roaming to a new AP using driver-based SME and roaming trigger,
AKMP and proto were not updated in wpa_sm. Hence, update AKMP and proto
used with roamed AP when association event received from the driver in
SME offloaded to the driver scenario to avoid incorrect AKMP details in
wpa_supplicant similarly to how the cipher suite updates were added in
commit 2b3e64a0fb5f ("Update ciphers to address GTK renewal failures
while roaming") .
projects / thirdparty / hostap.git / log
