diff --git a/components/wpa_supplicant/src/esp_supplicant/esp_wpa2.c b/components/wpa_supplicant/src/esp_supplicant/esp_wpa2.c index e391e21490..effa659e66 100644 --- a/components/wpa_supplicant/src/esp_supplicant/esp_wpa2.c +++ b/components/wpa_supplicant/src/esp_supplicant/esp_wpa2.c @@ -45,6 +45,7 @@ #include "esp_wifi_driver.h" #include "esp_private/wifi.h" #include "esp_wpa_err.h" +#include "esp_wpa2_i.h" #define WPA2_VERSION "v2.0" @@ -72,6 +73,7 @@ static int wpa2_start_eapol_internal(void); int wpa2_post(uint32_t sig, uint32_t par); #ifdef USE_WPA2_TASK +#define WPA2_TASK_PRIORITY 7 static TaskHandle_t s_wpa2_task_hdl = NULL; static void *s_wpa2_queue = NULL; static wpa2_state_t s_wpa2_state = WPA2_STATE_DISABLED; @@ -124,6 +126,15 @@ static void wpa2_set_eap_state(wpa2_ent_eap_state_t state) esp_wifi_set_wpa2_ent_state_internal(state); } +wpa2_ent_eap_state_t wpa2_get_eap_state(void) +{ + if (!gEapSm) { + return WPA2_ENT_EAP_STATE_NOT_START; + } + + return gEapSm->finish_state; +} + static inline void wpa2_task_delete(void *arg) { void *my_task_hdl = xTaskGetCurrentTaskHandle(); @@ -799,7 +810,7 @@ static int eap_peer_sm_init(void) gEapSm = sm; #ifdef USE_WPA2_TASK s_wpa2_queue = xQueueCreate(SIG_WPA2_MAX, sizeof( s_wpa2_queue ) ); - ret = xTaskCreate(wpa2_task, "wpa2T", WPA2_TASK_STACK_SIZE, NULL, 2, &s_wpa2_task_hdl); + ret = xTaskCreate(wpa2_task, "wpa2T", WPA2_TASK_STACK_SIZE, NULL, WPA2_TASK_PRIORITY, &s_wpa2_task_hdl); if (ret != pdPASS) { wpa_printf(MSG_ERROR, "wps enable: failed to create task"); ret = ESP_FAIL; diff --git a/components/wpa_supplicant/src/esp_supplicant/esp_wpa2_i.h b/components/wpa_supplicant/src/esp_supplicant/esp_wpa2_i.h new file mode 100644 index 0000000000..06f356c5ca --- /dev/null +++ b/components/wpa_supplicant/src/esp_supplicant/esp_wpa2_i.h @@ -0,0 +1,14 @@ +/* + * SPDX-FileCopyrightText: 2023 Espressif Systems (Shanghai) CO LTD + * + * SPDX-License-Identifier: Apache-2.0 + */ + +#ifndef ESP_WPA2_I_H +#define ESP_WPA2_I_H + +#include "esp_wifi_driver.h" + +wpa2_ent_eap_state_t wpa2_get_eap_state(void); + +#endif diff --git a/components/wpa_supplicant/src/rsn_supp/wpa.c b/components/wpa_supplicant/src/rsn_supp/wpa.c index 3bed11895b..bb3a3df1cc 100644 --- a/components/wpa_supplicant/src/rsn_supp/wpa.c +++ b/components/wpa_supplicant/src/rsn_supp/wpa.c @@ -30,6 +30,7 @@ #include "crypto/aes_wrap.h" #include "crypto/ccmp.h" #include "esp_rom_sys.h" +#include "esp_supplicant/esp_wpa2_i.h" /** * eapol_sm_notify_eap_success - Notification of external EAP success trigger @@ -484,7 +485,7 @@ static int wpa_supplicant_get_pmk(struct wpa_sm *sm, if (buf) { wpa_sm_ether_send(sm, sm->bssid, ETH_P_EAPOL, buf, buflen); - os_free(buf); + wpa_sm_free_eapol(buf); return -2; } @@ -584,6 +585,14 @@ void wpa_supplicant_process_1_of_4(struct wpa_sm *sm, u8 *kde, *kde_buf = NULL; size_t kde_len; + if (is_wpa2_enterprise_connection()) { + wpa2_ent_eap_state_t state = wpa2_get_eap_state(); + if (state == WPA2_ENT_EAP_STATE_IN_PROGRESS) { + wpa_printf(MSG_INFO, "EAP Success has not been processed yet." + " Drop EAPOL message."); + return; + } + } wpa_sm_set_state(WPA_FIRST_HALF_4WAY_HANDSHAKE); wpa_printf(MSG_DEBUG, "WPA 1/4-Way Handshake\n");