Search Linux Wireless

Re: [PATCH 5/9] cfg80211/nl80211: add authorized flag to roaming event

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 4/28/2017 11:02 PM, Johannes Berg wrote:

On Wed, 2017-04-26 at 12:05 +0200, Arend van Spriel wrote:



the mobility domain does not require new 802.1X authentication, but
roaming to another mobility domain does.


Not sure about the terminology here. Is "mobility domain" the same
as  "ESS" which stands for extended service set as definced in
802.11  standard. If so, I would prefer use of that term here.


No. "Mobility domain" was defined in 802.11r, it's unrelated to ESS.
Thanks for the reference. So a "Mobility domain" is a group of BSSes within the same ESS. Noted. 


+ * @authorized: true if the 802.1X authentication was done by the
driver or is
+ *	not needed (e.g., when Fast Transition protocol was
used), false
+ *	otherwise. Ignored for networks that don't use 802.1X
authentication.


It is not ignored in this patch so it is expected user-space
behavior you are describing, which is not really needed here in
cfg80211 driver api.


Still kinda makes sense though to give that hint to the driver authors,
don't you think? Though it should be pretty clear ...
I tend to look further than the cfg80211 API ;-) Agree that is good to have it within the scope of the cfg80211 driver API. 


    *	well to remain backwards compatible.
    * @NL80211_CMD_ROAM: request that the card roam (currently not
implemented),


Do we want to keep this comment about the request scenario. Is it
likely implemented soon/ever?


Heh, good question. Probably not, but it's kinda an unrelated cleanup,
no?


True. It just seems a good time to do it.


    *	sent as an event when the card/driver roamed by itself.
+ *	When used as an event, and the driver roamed in a
network that requires
+ *	802.1X authentication,
%NL80211_ATTR_CONNECTION_AUTHORIZED should be set
+ *	if the 802.1X authentication was done by the driver or
if roaming was
+ *	done using Fast Transition protocol (in which case
802.1X authentication
+ *	is not needed). If %NL80211_ATTR_CONNECTION_AUTHORIZED
is not set,
+ *	user space is responsible for the 802.1X authentication.


Would you consider using NL80211_ATTR_PORT_AUTHORIZED instead
referring to the 802.1X port entities.


I guess that makes sense, yeah.
So I will include this patch in my patchset for PSK/1X offloading taken above into account. 

Regards,
Arend
[Index of Archives]     [Linux Host AP]     [ATH6KL]     [Linux Wireless Personal Area Network]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Linux Kernel]     [IDE]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite Hiking]     [MIPS Linux]     [ARM Linux]     [Linux RAID]

  Powered by Linux