Ignore BSS temporary on PSK mismatch

In a controlled test environment, using two APs with the same SSID but
different passwords, connection to the correct AP (AP#2) failed. This
was particularly evident when AP#2 utilized a WPA/WPA2 TKIP+AES
configuration (CCMP pairwise, TKIP group cipher), highlighting challenges
in correctly discerning PSK mismatches across varied security types.

To resolve this, the ignore the BSS resulting in a PSK mismatch
temporarily. This forces wpa_supplicant to consider and attempt
connection to other available BSSs for the same ESS, allowing it to
eventually reach the correct access point accepting the locally
configured parameters.

This enhances connection reliability in dense or complex Wi-Fi
environments where multiple APs share an SSID but have varying security
credentials.

Signed-off-by: Hu Wang <huw@qti.qualcomm.com>

diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c
index 37241b9f258f76b8fd76a15be723a80230a7fac7..0e48a31a22fb69d1f1ee18dc8f774e81794d4002 100644 (file)
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
@@ -4727,6 +4727,10 @@ static void wpa_supplicant_event_disassoc_finish(struct wpa_supplicant *wpa_s,
                        "pre-shared key may be incorrect");
                if (wpas_p2p_4way_hs_failed(wpa_s) > 0)
                        return; /* P2P group removed */
+               bssid = wpa_s->bssid;
+               if (is_zero_ether_addr(bssid))
+                       bssid = wpa_s->pending_bssid;
+               wpa_bssid_ignore_add(wpa_s, bssid);
                wpas_auth_failed(wpa_s, "WRONG_KEY", wpa_s->pending_bssid);
                wpas_notify_psk_mismatch(wpa_s);
        }