On Thu, Dec 01, 2022 at 04:43:43PM +0100, Andrzej Ostruszka wrote:
> When MAC randomization settings change we should use new MAC address
> even if we are associating to the same ESS. For example consider this
> scenario:
> - hardware MAC is being used,
> - we disconnect from the network,
> - policy/style is changed via D-Bus to turn randomization on,
> - we reconnect to the same network.
>
> In the last step the randomized address should be used.
>
> Changes to the randomization settings include both changes to the
> policy/style to be used and changes to the pregenerated MAC address
> value in case of mac_addr==3.
That sounds reasonable, but one of the changes seems problematic:
> diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c
> @@ -2436,7 +2445,7 @@ void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
> wpa_s_setup_sae_pt(wpa_s->conf, ssid);
> #endif /* CONFIG_SAE */
>
> - if (rand_style > 0 && !wpa_s->reassoc_same_ess) {
> + if (rand_style > 0) {
> if (wpas_update_random_addr(wpa_s, rand_style, ssid) < 0)
> return;
> wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
Wouldn't this disable PMKSA caching completely for all rand_style > 0
cases? In particular, this flushing of the PMKSA cache entries seems
undesired for rand_style==3 when reassociating within the ESS using the
same MAC address.
--
Jouni Malinen PGP id EFC895FA
_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap
