aboutsummaryrefslogtreecommitdiffstats
path: root/hostapd/wpa_auth_i.h
diff options
context:
space:
mode:
authorJouni Malinen <jouni.malinen@atheros.com>2008-12-16 12:17:33 (GMT)
committerJouni Malinen <j@w1.fi>2008-12-16 12:17:33 (GMT)
commit22a299ee9d192d06c235428d017234539fbf6a62 (patch)
tree6de9bf6c3829726dd517fe418ef205821104a847 /hostapd/wpa_auth_i.h
parent3d799c0b2cb79f4980b14eea6de80d11ddb75c45 (diff)
downloadhostap-06-22a299ee9d192d06c235428d017234539fbf6a62.zip
hostap-06-22a299ee9d192d06c235428d017234539fbf6a62.tar.gz
hostap-06-22a299ee9d192d06c235428d017234539fbf6a62.tar.bz2
Improve EAPOL-Key handshake stability with retransmitted frames
Accept response to any pending request, not just the last one. This gives the Supplicant more time to reply since hostapd will now allow up to three seconds for the reply to the first EAPOL-Key frame transmission (and two seconds for the first retry and one second for the last) while the previous version invalidated any old request immediately when sending a retransmitted frame. If the Supplicant replies to more than one request, only the first reply to arrive at the Authenticator will be processed. As far as the Supplicant is concerned, this behavior does not differ from the previous one except for being less likely to cause unneeded retransmissions of EAPOL-Key frames. This can help in cases where power saving is used when the group key is rekeyed or when there is excessive traffic on the channel that can delay (or drop) EAPOL-Key frames.
Diffstat (limited to 'hostapd/wpa_auth_i.h')
-rw-r--r--hostapd/wpa_auth_i.h9
1 files changed, 7 insertions, 2 deletions
diff --git a/hostapd/wpa_auth_i.h b/hostapd/wpa_auth_i.h
index 7770d17..3ee6548 100644
--- a/hostapd/wpa_auth_i.h
+++ b/hostapd/wpa_auth_i.h
@@ -15,6 +15,9 @@
#ifndef WPA_AUTH_I_H
#define WPA_AUTH_I_H
+/* max(dot11RSNAConfigGroupUpdateCount,dot11RSNAConfigPairwiseUpdateCount) */
+#define RSNA_MAX_EAPOL_RETRIES 3
+
struct wpa_group;
struct wpa_stsl_negotiation {
@@ -66,8 +69,10 @@ struct wpa_state_machine {
Boolean pairwise_set;
int keycount;
Boolean Pair;
- u8 key_replay_counter[WPA_REPLAY_COUNTER_LEN];
- Boolean key_replay_counter_valid;
+ struct {
+ u8 counter[WPA_REPLAY_COUNTER_LEN];
+ Boolean valid;
+ } key_replay[RSNA_MAX_EAPOL_RETRIES];
Boolean PInitAKeys; /* WPA only, not in IEEE 802.11i */
Boolean PTKRequest; /* not in IEEE 802.11i state machine */
Boolean has_GTK;