[connman] Upgrade upstream WiFi plugin to latest. Fixes JB#62992#86
Open
LaakkonenJussi wants to merge 10 commits intosailfishos:masterfrom
Open
[connman] Upgrade upstream WiFi plugin to latest. Fixes JB#62992#86LaakkonenJussi wants to merge 10 commits intosailfishos:masterfrom
LaakkonenJussi wants to merge 10 commits intosailfishos:masterfrom
Conversation
LaakkonenJussi
force-pushed
the
jb62571
branch
from
a1a8171 to
f311ab5
Compare
LaakkonenJussi
changed the title
LaakkonenJussi
changed the title
LaakkonenJussi
force-pushed
the
jb62571
branch
4 times, most recently
from
d750717 to
6a04942
Compare
LaakkonenJussi
force-pushed
the
jb62571
branch
4 times, most recently
from
af1b409 to
0bec176
Compare
Implement WPA3-SAE authentication on connman side using wpa_supplicant backend. Initially based on Tizen project: https://review.tizen.org/git/?p=platform/upstream/connman.git (cherry picked from commit a088730)
This commit adds support for WPA3-Personal transition mode, which supports both WPA2-Personal (PSK) and WPA3-Personal (SAE). Based on the AP accepted key management protocols, connman configures wpa_supplicant as follows: * WPA3-Personal-only mode: key_mgmt="SAE" ; ieee80211w=2 * WPA3-Personal transition mode: key_mgmt="SAE WPA-PSK" ; ieee80211w=1 (cherry picked from commit 9a54df5)
In ssid_init(), the pointer members of GSupplicantSSID *ssid was initialised to point to members of a connman_network, which get freed and replaced, causing ssid's pointers to point to freed heap memory. To mitigate this, these members are duplicated and then freed and along with ssid when no longer needed. (cherry picked from commit 481d08f)
On WPA3-SAE authentication, wpa_supplicant goes directly from authenticating to disconnected state if the key was invalid. The above is currently not handled and the `connect-failed` error is reported on such cases. In order to make the client agent prompt for a new password, we need to handle this transition and report the `invalid-key` error. (cherry picked from commit 0d5d05f)
The problem is `bss` and `bss->path` can be used after being freed, in this line: g_hash_table_replace(bss_mapping, bss->path, interface); This is because the following call: g_hash_table_replace(network->bss_table, ...) could call remove_bss(), which will free both `bss->path` and `bss`. So this commit switches the order of these statements. Additionally, change `g_hash_table_replace` to `g_hash_table_insert`. We already checked that `network->group` doesn't exist in `interface->network_table` at this point. Co-Authored-By: Chris Johnson <chris.johnson@getcruise.com> (cherry picked from commit 6bd9759)
This replaces 23b09a8a and enables MFPC independent of AP setting which
is needed for WFA certification, see "Wi-Fi CERTIFIED Protected
Management Frames Test Plan v1.9.pdf", 3.3.2 "STAUT requirements".
Additionally key_mgmt is set independent of AP because roaming between
APs with different AKM, e.g. WPA2 -> WPA3 is not working, since WPA-PSK
is still set from first connection.
wpa_supplicant does not try to connect at all in that case:
skip RSN IE - key mgmt mismatch
reject due to mismatch with WPA/WPA2
(cherry picked from commit 5e73b55)
We can enable building the plugin and control the selection of plugin with connman.service.
clang complains with:
gsupplicant/supplicant.c:1220:10: error: expression which evaluates to zero treated as a null pointer constant of type 'const char *' [-Werror,-Wnon-literal-null-conversion]
return G_SUPPLICANT_MODE_UNKNOWN;
^~~~~~~~~~~~~~~~~~~~~~~~~
gsupplicant/supplicant.c:1228:10: error: expression which evaluates to zero treated as a null pointer constant of type 'const char *' [-Werror,-Wnon-literal-null-conversion]
return G_SUPPLICANT_SECURITY_UNKNOWN;
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Return NULL instead of the enum. In both cases the enum is 0, so there
is no change.
(cherry picked from commit dcd775c)
LaakkonenJussi
force-pushed
the
jb62571
branch
from
0bec176 to
7a0819c
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.