On 3-3-2017 13:20, Johannes Berg wrote: > On Thu, 2017-02-23 at 16:26 +0530, Jithu Jance wrote: >> On Thu, Feb 23, 2017 at 4:10 PM, Arend Van Spriel >> <arend.vanspriel@xxxxxxxxxxxx> wrote: >>> >>> Ehm. Looking at the code in wpa_supplicant_event_assoc() it would >>> be >>> better to use NL80211_CMD_EAPOL_PORT_VALID event to cover both >>> WPA/WPA2-PSK and 8021X. >> >> Yes. IMHO, the assoc/reassoc ind should move the state to >> WPA_ASSOCIATED and a separate event like >> NL80211_CMD_EAPOL_PORT_VALID/AUTHORIZED should move the connection >> state to WPA_COMPLETED. > > That seems reasonable. > > Avi just looked also at distinguishing if/when fresh 1X authentication > is required, particularly with roaming. For that, he's suggesting to > add a flag AUTHORIZED to the ROAMED event. > > We could, possibly, have a PORT_AUTHORIZED event for that as well, but > it'd be more complicated, since then you'd have to wait for that and if > it doesn't come time out - or we'd need a "PORT_UNAUTHORIZED" or > "PLEASE_START_1X" instead? None of that really seems like such a great > idea. > > Perhaps instead it'd make sense to instead include the new AUTHORIZED > flag in the CONNECT_RESULT as well, if authorized? I basically see 3 > valid cases: > > * connection successful with authorized port > * connection successful with need for 1X handshake (non-offloaded) > * connection failed > > Why should we have the case of > * association successful but 4-way-HS failed > > separately? I suppose there is no functional behavior that needs to done upon association regardless 4-way HS result, ie. obtaining assoc ie info is only useful if 4-way HS succeeds. I agree using the flag should be sufficient. Regards, Arend
