While using esp_wifi_set_config, flag pmf_capable defaults to 0.
Users may not bother to enable it, which prevents connection to a
WPA3 AP. Or the AP may reset into WPA3 mode failing the re-connection.
To ensure better security, deprecate the pmf_capable flag and set it to
true internally.
Additionally add API esp_wifi_disable_pmf_config to disable PMF for
debug purposes or to avoid PMF issues on AP side.
- Simplify PHY access API
- Move coexist initializing and deinitializing out from PHY API
to Wi-Fi and Bluetooth
- Remove coexist pause and resume for they are no longer needed.
1. add esp_mesh_send_block_time to set blocking time of esp_mesh_send
2. fix the issue that layer2 node connect to lower-layer node when FIXED-ROOT root disappeared
1. Change wifi scan duration from 120ms to 100ms
2. Using deport reg instead of ahb
3. Revert to report specific reason code when receiving deauth during 4-way-handshark
4. Fix the bug that tx ampdu parameter is not from peer device
5. Faster WiFi station connect improvement, avoid 100ms passive scan
6. Add FCS failed packets filter
7.Update esp32 phy lib to v4660
8.Fix country code last byte to space instead of NULL
9.Fix softap cannot forward A-MSDU
10.Fix some typos in esp_wifi.h
11.Fix max tx power to 20dBm
12.Fix the issue that the esp_wifi_sta_get_ap_info can't get country
13.Add support for 802.1x sha256 auth key mode
Rewrite ble dynamic prio to fix ble disconn in conn_param_update/channel_map_update
Rewrite ble dynamic prio in connection establishment
Fix ble dynamic prio with latency
Fix status bit set error when conn fail
1. Add STA checks during STA PMF operations
2. Fix WPA2-Ent issue with Open AP
3. Skip WPA-TKIP profile if PMF is required
4. Skip & clear Supplicant PMK Cache with mismatching AP config
5. Use flag ESP32_WIFI_ENABLE_WPA3_SAE to control WPA3 code, disabling
it code footprint reduces by 7.7kB in libwpa_supplicant.a
6. Fix handling of multiple AP credentials in WPS, apps need update
to handle the new event for the fix to work
Closes https://github.com/espressif/esp-idf/issues/5971
H/W decryption of Mgmt frames was disabled for PMF and done through
S/W. If ESPNOW packets go through this path, it affects backward
compatibility since method of decrypting Mgmt packets is different in H/W.
To address PMF + ESPNOW Co-existance, CCMP decryption method is modified
for ESPNOW packets so that they can be decrypted correctly. Since Tx
of ESPNOW packets can still be done in H/W alongside PMF, no change
required in encryption method in S/W.
Co-Authored-By: Nachiket Kukade <nachiket.kukade@espressif.com>
Co-Authored-By: zhangyanjiao <zhangyanjiao@espressif.com>
Co-Authored-By: kapil.gupta <kapil.gupta@espressif.com>
1. Fix FIX-ROOT does not reconnect to router when disconnect reason is too many
2. Add API esp_mesh_print_scan_result
3. Modify not to reset mesh_xonseq of self and children when flush_upstream_packets
4. Fix not switch to a parent candidate which has the same layer and assoc as current parent
5. Fix not arm parent monitor when a parent candidate is cleared without sending an event to mesh layer
6. Fix the new voted root does not reconnect to router if rssi is weak
1. add sta connect again ap sent disconnect event
2. add set/get inactive time api
3. fix connect hidden AP doesn't update information
4. add rf test long short support
1. Fix TX DMA buffer issue
2. API esp_wifi_get_config add acquisition sta.listen_interval
3. Configure bandwidth and phy mode to store NVS
4. If AP's tsf has been restarted, STA will disconnect from AP.
5. Do not reset softAP's tsf except it restart
6. Fix the WiFi regdomain update bug
7. Fix WiFi fragment issue
1. If the root is specified (FIXED-ROOT) by set type or set parent, change ie.mesh_type to MESH_ROOT before connect to router.
2. Release esp_mesh_recv_toDS when the root becomes non-root.
3. esp_mesh_set_type now supports MESH_IDLE and MESH_STA.
4. Fix ie.rc_rssi is not updated during scan and vote.
5. Fix ie.mesh_type do not match ie.layer caused by parent switch.
6. Fix during root switch, the original root doesn't disconnect from the router after it receives the switch request from the new voted root. (root switch happens by invoking esp_mesh_waive_root).
7. Fix the routing announce timer is not stopped immediately in a new root if the new root is transformed from non-root.
8. Choose the candidate with less ie.assoc when doing parent switch.
Added following as part of this change
1. Removed auth_changed event
2. Updated doc regarding usage of WPA/WEP secuiry modes
3. Fixed WPA2 enterprise authmode threshold.
1. fix the bug for softAP update second channel wrong
2. change wifi_scan_time_t from union to struct
3. query country code wrong when policy change from manual to auto
1. Improve WiFi throughput in some Classic BT scienarios(idle, inquire scan,
connected, sniff, a2dp pause, etc).
2. Support WiFi + Classic BT + BLE mesh coexistence scienario.
3. Improve WiFi scan and connect succeed ratio in coexistence scienario.
4. Do not support to choose software coexistence preference anymore for it is
determined according to coexistence scienario automatically.
components/lwip: increase TCP send buffer and receive window limitation when TCP window scale is enabled
components/ble_mesh: Fix some bugs about ble mesh
1. fix send acl pkt after ble have sent terminate ind modify min adv interval to 10ms.
1. fix the bug when modifying the channel info of peer node
2. fix the crash when modifying peer node between unencrypted and encrypted
3. fix the bug for fetch peer
4. modify the esp_wifi_set_channel() function
5. fix the bug that the channel parameter doesn't work when adding peer node
Closes https://github.com/espressif/esp-idf/issues/2833
Closes https://github.com/espressif/esp-idf/issues/4311
1. Fix WiFi scan leads to poor performance of Bluetooth.
2. Improve WiFi connect success ratio when coexist with Bluetooth.
3. Check if WiFi is still connected when CSA or beacon timeout happen.
4. add coex pre init
1. Add changes in 4-way handshake path to allow SAE key mgmt.
2. Support for configuring WAP3 at init time, added Kconfig option.
3. Handle and propagate error conditions properly.
4. Link changes from WiFi library.
Under WPA3-Personal, SAE authentication is used to derive PMK
which is more secure and immune to offline dictionary attacks.
1. Add modules to generate SAE commit/confirm for the handshake
2. Add modules that build and parse SAE data in Auth frames
3. Add WPA3 association and key mgmt definitions
4. Invert y-bit while solving for ECC co-ordinate -
Once an X co-ordinate is obtained, solving for Y co-ordinate
using an elliptical curve equation results in 2 possible values,
Y and (P - Y), where p is the prime number. The co-ordinates are
used for deriving keys in SAE handshake. As par the 802.11 spec
if LSB of X is same as LSB of Y then Y is chosen, (P - Y) otherwise.
This is not what is implemented, so fix this behavior to obtain the
correct Y co-ordinate.
This change ports SAE(Simultaneous Authentication of Equals)
feature from wpa_supplicant and makes it work with mbedtls
crypto APIs. Currently only group 19 is supported. A sample
SAE handshake is included in the testcase. Other minor
changes for DH groups are also included.
1. Add CCMP, AES crypto modules for unicast protected Mgmt frames
2. Add support for computing SHA256 MIC on Bcast Mgmt frames
3. Add support for storing iGTK during 4-way handshake.
4. Provide APIs to MLME for utilizing the SW crypto modules
5. Link PMF changes from WiFi library submodule
1. Add APIs for configuring PMF through set config.
2. Map Supplicant and Wifi Cipher types.
3. Add support for PMF negotiation while generating RSN IE.