From e3cc2e8a0dfaaedfd39d6e9dd24c5b78081a8f57 Mon Sep 17 00:00:00 2001
From: "kapil.gupta" <kapil.gupta@espressif.com>
Date: Tue, 10 Nov 2020 13:34:55 +0530
Subject: [PATCH] ESP-WIFI: Optimize 4way handshake failure time

In case of wrong passpharse, AP will keep on sending 1/4 multiple
times which may take around 10 secs to disconnect and detect
wrong password event.

Add changes to reject EAPOL1 after 3 consecutive reception
---
 .../src/esp_supplicant/esp_wifi_driver.h               |  1 +
 components/wpa_supplicant/src/rsn_supp/wpa.c           | 10 ++++++++++
 components/wpa_supplicant/src/rsn_supp/wpa_i.h         |  1 +
 3 files changed, 12 insertions(+)

diff --git a/components/wpa_supplicant/src/esp_supplicant/esp_wifi_driver.h b/components/wpa_supplicant/src/esp_supplicant/esp_wifi_driver.h
index e394658e53..bafe01e451 100644
--- a/components/wpa_supplicant/src/esp_supplicant/esp_wifi_driver.h
+++ b/components/wpa_supplicant/src/esp_supplicant/esp_wifi_driver.h
@@ -235,6 +235,7 @@ esp_err_t esp_wifi_set_wps_start_flag_internal(bool start);
 uint16_t esp_wifi_sta_pmf_enabled(void);
 wifi_cipher_type_t esp_wifi_sta_get_mgmt_group_cipher(void);
 int esp_wifi_set_igtk_internal(uint8_t if_index, const wifi_wpa_igtk_t *igtk);
+esp_err_t esp_wifi_internal_issue_disconnect(uint8_t reason_code);
 bool esp_wifi_skip_supp_pmkcaching(void);
 
 #endif /* _ESP_WIFI_DRIVER_H_ */
diff --git a/components/wpa_supplicant/src/rsn_supp/wpa.c b/components/wpa_supplicant/src/rsn_supp/wpa.c
index a8cd88b504..afff8dfc9c 100644
--- a/components/wpa_supplicant/src/rsn_supp/wpa.c
+++ b/components/wpa_supplicant/src/rsn_supp/wpa.c
@@ -48,6 +48,7 @@
 #define WPA_TX_MSG_BUFF_MAXLEN 200
 
 #define ASSOC_IE_LEN 24 + 2 + PMKID_LEN + RSN_SELECTOR_LEN
+#define MAX_EAPOL_RETRIES 3
 u8 assoc_ie_buf[ASSOC_IE_LEN+2]; 
 
 void set_assoc_ie(u8 * assoc_buf);
@@ -1947,6 +1948,14 @@ int   wpa_sm_rx_eapol(u8 *src_addr, u8 *buf, u32 len)
             wpa_supplicant_process_3_of_4(sm, key, ver);
         } else {
             /* 1/4 4-Way Handshake */
+            sm->eapol1_count++;
+            if (sm->eapol1_count > MAX_EAPOL_RETRIES) {
+#ifdef DEBUG_PRINT
+                wpa_printf(MSG_INFO, "EAPOL1 received for %d times, sending deauth", sm->eapol1_count);
+#endif
+                esp_wifi_internal_issue_disconnect(WLAN_REASON_4WAY_HANDSHAKE_TIMEOUT);
+                goto out;
+            }
             wpa_supplicant_process_1_of_4(sm, src_addr, key,
                               ver);
         }
@@ -2143,6 +2152,7 @@ int wpa_set_bss(char *macddr, char * bssid, u8 pairwise_cipher, u8 group_cipher,
         }
     }
  
+    sm->eapol1_count = 0;
 #ifdef CONFIG_IEEE80211W
     if (esp_wifi_sta_pmf_enabled()) {
         wifi_config_t wifi_cfg;
diff --git a/components/wpa_supplicant/src/rsn_supp/wpa_i.h b/components/wpa_supplicant/src/rsn_supp/wpa_i.h
index e0242fbcb7..3ec8ba91d9 100644
--- a/components/wpa_supplicant/src/rsn_supp/wpa_i.h
+++ b/components/wpa_supplicant/src/rsn_supp/wpa_i.h
@@ -90,6 +90,7 @@ struct wpa_sm {
     u16 txcb_flags;
     bool   ap_notify_completed_rsne;
     wifi_pmf_config_t pmf_cfg;
+    u8 eapol1_count;
 };
 
 /**