From 56d7991b6076e383dd3a87947ad7bf789b0536a7 Mon Sep 17 00:00:00 2001 From: nbd Date: Tue, 15 Jul 2008 01:40:55 +0000 Subject: Upgrade wpa_supplicant to 0.6.3 and add some improvements (mainly for roaming with ap_scan=1) Remove arch specific config files (they seem rather pointless) Remove the dependency on OpenSSL (use small built-in SSL functions) git-svn-id: svn://svn.openwrt.org/openwrt/trunk@11833 3c298f89-4303-0410-b956-a3cf2f4a3e73 --- .../patches/100-timestamp_check.patch | 17 +++ package/wpa_supplicant/patches/110-roaming.patch | 51 +++++++ package/wpa_supplicant/patches/120-ssid_scan.patch | 41 +++++ package/wpa_supplicant/patches/130-scanning.patch | 167 +++++++++++++++++++++ 4 files changed, 276 insertions(+) create mode 100644 package/wpa_supplicant/patches/100-timestamp_check.patch create mode 100644 package/wpa_supplicant/patches/110-roaming.patch create mode 100644 package/wpa_supplicant/patches/120-ssid_scan.patch create mode 100644 package/wpa_supplicant/patches/130-scanning.patch (limited to 'package/wpa_supplicant/patches') diff --git a/package/wpa_supplicant/patches/100-timestamp_check.patch b/package/wpa_supplicant/patches/100-timestamp_check.patch new file mode 100644 index 000000000..d994a65ae --- /dev/null +++ b/package/wpa_supplicant/patches/100-timestamp_check.patch @@ -0,0 +1,17 @@ +Index: wpa_supplicant-0.6.3/src/tls/x509v3.c +=================================================================== +--- wpa_supplicant-0.6.3.orig/src/tls/x509v3.c 2008-02-23 03:45:24.000000000 +0100 ++++ wpa_supplicant-0.6.3/src/tls/x509v3.c 2008-07-09 12:47:19.000000000 +0200 +@@ -1551,8 +1551,11 @@ + if (chain_trusted) + continue; + +- if ((unsigned long) now.sec < ++ if ( ++#ifndef NO_TIMESTAMP_CHECK ++ (unsigned long) now.sec < + (unsigned long) cert->not_before || ++#endif + (unsigned long) now.sec > + (unsigned long) cert->not_after) { + wpa_printf(MSG_INFO, "X509: Certificate not valid " diff --git a/package/wpa_supplicant/patches/110-roaming.patch b/package/wpa_supplicant/patches/110-roaming.patch new file mode 100644 index 000000000..8c6210da1 --- /dev/null +++ b/package/wpa_supplicant/patches/110-roaming.patch @@ -0,0 +1,51 @@ +This patch decreases the timeouts for assoc/auth to more realistic values. Improves roaming speed +Index: wpa_supplicant-0.6.3/wpa_supplicant/events.c +=================================================================== +--- wpa_supplicant-0.6.3.orig/wpa_supplicant/events.c 2008-02-23 03:45:24.000000000 +0100 ++++ wpa_supplicant-0.6.3/wpa_supplicant/events.c 2008-07-09 15:13:37.000000000 +0200 +@@ -762,7 +762,7 @@ + wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); + } else if (!ft_completed) { + /* Timeout for receiving the first EAPOL packet */ +- wpa_supplicant_req_auth_timeout(wpa_s, 10, 0); ++ wpa_supplicant_req_auth_timeout(wpa_s, 3, 0); + } + wpa_supplicant_cancel_scan(wpa_s); + +Index: wpa_supplicant-0.6.3/wpa_supplicant/scan.c +=================================================================== +--- wpa_supplicant-0.6.3.orig/wpa_supplicant/scan.c 2008-02-23 03:45:24.000000000 +0100 ++++ wpa_supplicant-0.6.3/wpa_supplicant/scan.c 2008-07-09 15:13:37.000000000 +0200 +@@ -144,6 +144,7 @@ + return; + } + ++ wpa_drv_flush_pmkid(wpa_s); + if (wpa_s->use_client_mlme) { + ieee80211_sta_set_probe_req_ie(wpa_s, extra_ie, extra_ie_len); + ret = ieee80211_sta_req_scan(wpa_s, ssid ? ssid->ssid : NULL, +@@ -156,7 +157,7 @@ + + if (ret) { + wpa_printf(MSG_WARNING, "Failed to initiate AP scan."); +- wpa_supplicant_req_scan(wpa_s, 10, 0); ++ wpa_supplicant_req_scan(wpa_s, 3, 0); + } + } + +Index: wpa_supplicant-0.6.3/wpa_supplicant/wpa_supplicant.c +=================================================================== +--- wpa_supplicant-0.6.3.orig/wpa_supplicant/wpa_supplicant.c 2008-02-23 03:45:24.000000000 +0100 ++++ wpa_supplicant-0.6.3/wpa_supplicant/wpa_supplicant.c 2008-07-09 15:13:37.000000000 +0200 +@@ -1092,9 +1092,9 @@ + /* Timeout for IEEE 802.11 authentication and association */ + int timeout; + if (assoc_failed) +- timeout = 5; ++ timeout = 2; + else if (wpa_s->conf->ap_scan == 1) +- timeout = 10; ++ timeout = 3; + else + timeout = 60; + wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0); diff --git a/package/wpa_supplicant/patches/120-ssid_scan.patch b/package/wpa_supplicant/patches/120-ssid_scan.patch new file mode 100644 index 000000000..b4127fa9a --- /dev/null +++ b/package/wpa_supplicant/patches/120-ssid_scan.patch @@ -0,0 +1,41 @@ +Don't do broadcast SSID scans, if all configured SSIDs use scan_ssid=1. Improves background scanning in supplicant-managed roaming. + +Index: wpa_supplicant-0.6.3/wpa_supplicant/scan.c +=================================================================== +--- wpa_supplicant-0.6.3.orig/wpa_supplicant/scan.c 2008-07-09 18:53:28.000000000 +0200 ++++ wpa_supplicant-0.6.3/wpa_supplicant/scan.c 2008-07-09 19:00:55.000000000 +0200 +@@ -48,11 +48,23 @@ + int enabled, scan_req = 0, ret; + const u8 *extra_ie = NULL; + size_t extra_ie_len = 0; ++ int scan_ssid_all = 1; + + if (wpa_s->disconnected && !wpa_s->scan_req) + return; + + enabled = 0; ++ ++ /* check if all configured ssids should be scanned directly */ ++ ssid = wpa_s->conf->ssid; ++ while (ssid) { ++ if (!ssid->scan_ssid) { ++ scan_ssid_all = 0; ++ break; ++ } ++ ssid = ssid->next; ++ } ++ + ssid = wpa_s->conf->ssid; + while (ssid) { + if (!ssid->disabled) { +@@ -125,6 +137,10 @@ + return; + } + ++ if (scan_ssid_all && !ssid) { ++ ssid = wpa_s->conf->ssid; ++ } ++ + wpa_printf(MSG_DEBUG, "Starting AP scan (%s SSID)", + ssid ? "specific": "broadcast"); + if (ssid) { diff --git a/package/wpa_supplicant/patches/130-scanning.patch b/package/wpa_supplicant/patches/130-scanning.patch new file mode 100644 index 000000000..4b3dc970f --- /dev/null +++ b/package/wpa_supplicant/patches/130-scanning.patch @@ -0,0 +1,167 @@ +Add a scan result cache to improve roaming speed if the driver gave us a background scan before losing the connection. + +Index: wpa_supplicant-0.6.3/wpa_supplicant/config.h +=================================================================== +--- wpa_supplicant-0.6.3.orig/wpa_supplicant/config.h 2008-02-23 03:45:24.000000000 +0100 ++++ wpa_supplicant-0.6.3/wpa_supplicant/config.h 2008-07-10 15:08:21.000000000 +0200 +@@ -97,6 +97,12 @@ + int ap_scan; + + /** ++ * scan_cache - controls the time in seconds after the last scan results ++ * before a new scan may be initiated ++ */ ++ int scan_cache; ++ ++ /** + * ctrl_interface - Parameters for the control interface + * + * If this is specified, %wpa_supplicant will open a control interface +Index: wpa_supplicant-0.6.3/wpa_supplicant/config_file.c +=================================================================== +--- wpa_supplicant-0.6.3.orig/wpa_supplicant/config_file.c 2008-02-23 03:45:24.000000000 +0100 ++++ wpa_supplicant-0.6.3/wpa_supplicant/config_file.c 2008-07-10 15:59:38.000000000 +0200 +@@ -312,6 +312,13 @@ + return 0; + } + ++static int wpa_config_process_scan_cache(struct wpa_config *config, char *pos) ++{ ++ config->scan_cache = atoi(pos); ++ wpa_printf(MSG_DEBUG, "scan_cache=%d", config->scan_cache); ++ return 0; ++} ++ + + static int wpa_config_process_fast_reauth(struct wpa_config *config, char *pos) + { +@@ -445,6 +452,9 @@ + if (os_strncmp(pos, "ap_scan=", 8) == 0) + return wpa_config_process_ap_scan(config, pos + 8); + ++ if (os_strncmp(pos, "scan_cache=", 11) == 0) ++ return wpa_config_process_scan_cache(config, pos + 11); ++ + if (os_strncmp(pos, "fast_reauth=", 12) == 0) + return wpa_config_process_fast_reauth(config, pos + 12); + +@@ -810,6 +820,8 @@ + fprintf(f, "eapol_version=%d\n", config->eapol_version); + if (config->ap_scan != DEFAULT_AP_SCAN) + fprintf(f, "ap_scan=%d\n", config->ap_scan); ++ if (config->scan_cache != 0) ++ fprintf(f, "scan_cache=%d\n", config->scan_cache); + if (config->fast_reauth != DEFAULT_FAST_REAUTH) + fprintf(f, "fast_reauth=%d\n", config->fast_reauth); + #ifdef EAP_TLS_OPENSSL +Index: wpa_supplicant-0.6.3/wpa_supplicant/events.c +=================================================================== +--- wpa_supplicant-0.6.3.orig/wpa_supplicant/events.c 2008-07-10 13:27:03.000000000 +0200 ++++ wpa_supplicant-0.6.3/wpa_supplicant/events.c 2008-07-10 17:18:53.000000000 +0200 +@@ -555,6 +555,9 @@ + if (wpa_s->conf->ap_scan == 2 || wpa_s->disconnected) + return; + ++ if (wpa_s->wpa_state > WPA_ASSOCIATED) ++ goto done; ++ + while (selected == NULL) { + for (prio = 0; prio < wpa_s->conf->num_prio; prio++) { + selected = wpa_supplicant_select_bss( +@@ -594,13 +597,16 @@ + rsn_preauth_scan_results(wpa_s->wpa, wpa_s->scan_res); + } else { + wpa_printf(MSG_DEBUG, "No suitable AP found."); +- timeout = 5; ++ timeout = 1; + goto req_scan; + } + ++done: ++ os_get_time(&wpa_s->last_scan_results); + return; + + req_scan: ++ memset(&wpa_s->last_scan_results, 0, sizeof(wpa_s->last_scan_results)); + if (wpa_s->scan_res_tried == 1 && wpa_s->conf->ap_scan == 1) { + /* + * Quick recovery if the initial scan results were not +@@ -804,6 +810,9 @@ + } + if (wpa_s->wpa_state >= WPA_ASSOCIATED) + wpa_supplicant_req_scan(wpa_s, 0, 100000); ++ else if (wpa_s->wpa_state == WPA_ASSOCIATING) ++ wpa_supplicant_req_auth_timeout(wpa_s, 0, 100000); ++ + bssid = wpa_s->bssid; + if (os_memcmp(bssid, "\x00\x00\x00\x00\x00\x00", ETH_ALEN) == 0) + bssid = wpa_s->pending_bssid; +Index: wpa_supplicant-0.6.3/wpa_supplicant/wpa_supplicant_i.h +=================================================================== +--- wpa_supplicant-0.6.3.orig/wpa_supplicant/wpa_supplicant_i.h 2008-07-10 15:03:56.000000000 +0200 ++++ wpa_supplicant-0.6.3/wpa_supplicant/wpa_supplicant_i.h 2008-07-10 15:16:17.000000000 +0200 +@@ -334,6 +334,7 @@ + struct wpa_client_mlme mlme; + int use_client_mlme; + int driver_4way_handshake; ++ struct os_time last_scan_results; + }; + + +@@ -381,6 +382,7 @@ + + /* scan.c */ + void wpa_supplicant_req_scan(struct wpa_supplicant *wpa_s, int sec, int usec); ++int wpa_supplicant_may_scan(struct wpa_supplicant *wpa_s); + void wpa_supplicant_cancel_scan(struct wpa_supplicant *wpa_s); + + /* events.c */ +Index: wpa_supplicant-0.6.3/wpa_supplicant/scan.c +=================================================================== +--- wpa_supplicant-0.6.3.orig/wpa_supplicant/scan.c 2008-07-10 13:27:03.000000000 +0200 ++++ wpa_supplicant-0.6.3/wpa_supplicant/scan.c 2008-07-10 16:24:31.000000000 +0200 +@@ -40,6 +40,18 @@ + wpa_supplicant_event(wpa_s, EVENT_ASSOC, &data); + } + ++int wpa_supplicant_may_scan(struct wpa_supplicant *wpa_s) ++{ ++ struct os_time time; ++ ++ if (wpa_s->conf->scan_cache > 0) { ++ os_get_time(&time); ++ time.sec -= wpa_s->conf->scan_cache; ++ if (os_time_before(&time, &wpa_s->last_scan_results)) ++ return 0; ++ } ++ return 1; ++} + + static void wpa_supplicant_scan(void *eloop_ctx, void *timeout_ctx) + { +@@ -150,8 +162,9 @@ + } else + wpa_s->prev_scan_ssid = BROADCAST_SSID_SCAN; + +- if (wpa_s->scan_res_tried == 0 && wpa_s->conf->ap_scan == 1 && +- !wpa_s->use_client_mlme) { ++ if (!wpa_supplicant_may_scan(wpa_s) || ++ (wpa_s->scan_res_tried == 0 && wpa_s->conf->ap_scan == 1 && ++ !wpa_s->use_client_mlme)) { + wpa_s->scan_res_tried++; + wpa_printf(MSG_DEBUG, "Trying to get current scan results " + "first without requesting a new scan to speed up " +Index: wpa_supplicant-0.6.3/wpa_supplicant/wpa_supplicant.c +=================================================================== +--- wpa_supplicant-0.6.3.orig/wpa_supplicant/wpa_supplicant.c 2008-07-10 14:41:16.000000000 +0200 ++++ wpa_supplicant-0.6.3/wpa_supplicant/wpa_supplicant.c 2008-07-10 18:45:59.000000000 +0200 +@@ -1417,6 +1417,9 @@ + { + struct wpa_supplicant *wpa_s = ctx; + ++ if (wpa_s->wpa_state < WPA_ASSOCIATING) ++ return; ++ + wpa_printf(MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr)); + wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len); + -- cgit v1.2.3