On Thu, 2017-02-23 at 16:26 +0530, Jithu Jance wrote: > On Thu, Feb 23, 2017 at 4:10 PM, Arend Van Spriel > <arend.vanspr...@broadcom.com> wrote: > > > > Ehm. Looking at the code in wpa_supplicant_event_assoc() it would > > be > > better to use NL80211_CMD_EAPOL_PORT_VALID event to cover both > > WPA/WPA2-PSK and 8021X. > > Yes. IMHO, the assoc/reassoc ind should move the state to > WPA_ASSOCIATED and a separate event like > NL80211_CMD_EAPOL_PORT_VALID/AUTHORIZED should move the connection > state to WPA_COMPLETED.
That seems reasonable. Avi just looked also at distinguishing if/when fresh 1X authentication is required, particularly with roaming. For that, he's suggesting to add a flag AUTHORIZED to the ROAMED event. We could, possibly, have a PORT_AUTHORIZED event for that as well, but it'd be more complicated, since then you'd have to wait for that and if it doesn't come time out - or we'd need a "PORT_UNAUTHORIZED" or "PLEASE_START_1X" instead? None of that really seems like such a great idea. Perhaps instead it'd make sense to instead include the new AUTHORIZED flag in the CONNECT_RESULT as well, if authorized? I basically see 3 valid cases: * connection successful with authorized port * connection successful with need for 1X handshake (non-offloaded) * connection failed Why should we have the case of * association successful but 4-way-HS failed separately? johannes
