- Ensure that wpa_supplicant's state machine registers the requirement for rsnxe
before deciding to add rsnxe to a assoc request.
Co-authored-by: jgujarathi <jash.gujarathi@espressif.com>
1. Free temporary data used by SAE before memsetting the same
2. Drop any received auth responses that use a different algorithm than the one currently in use
* Fix issues related to mgmt packets encryption in GCMP
* Fix issue of wrong decryption of mgmt packets when PMF is enabled
* Fix softAP bug in handling of SAE Reauthentication
- Any scanning currently updates the bss table held by supplicant anyway,
but the time record used to maintain the recency of the last scan is
only updated by supplicant issued scans. Updating the last scan time
for application trigerred scanning will prevent the needless scanning
by supplicant if there has been an application trigerred scan in
the time diff threshold(currently 10s).
- Add default durations to supplicant issued scans based on results from
initial experiments where probe response times were recorded in a
significantly noisy environment. It was noticed that within 70ms
we receive over 80% of the responses 90% of the time
- Clear the bssid set flag and channel in supplicant disconnect handler as this
can cause the station to recursively connect to the wrong AP in case
roaming through BTM mechanisms fails.
- Fix issue with incorrect blocking time calculation when blocking scan
issued for a single channel.
- Deprecate the existing esp_rrm_send_neighbor_rep_request() API
- Adds a new API to send neighbor report requests esp_rrm_send_neighbor_report_request().
This replaces the older API's callback procedure with a new Wi-Fi
event that is posted when the neighbor report is received.
This moves the execution of the callback from supplicant
context to freertos context.
- Avoid downgrading TLS ciphersuites when client RSA keys are larger than RSA-2048 bit.
- Note that when using bigger certificates on low-power chips without crypto
hardware acceleration, it is recommended to adjust the task watchdog timer (TWDT)
if it is enabled. For precise information on timing requirements, you can check
performance numbers at https://github.com/espressif/mbedtls/wiki/Performance-Numbers.
Allow an additional context value to be passed to TLS exporter as
specified in RFC 5705 section 4.
This does not yet implement it for the internal TLS implementation.
However, as currently nothing uses context yet, this will not break
anything right now. WolfSSL maintainers also stated that they are not
going to add context support yet, but would look into it if/when this is
required by a published draft or a standard.
Signed-off-by: Ervin Oro <ervin.oro@aalto.fi>
Fix issues with DPP stop listen and DPP auth data deinit
Closes WIFIBUG-443, WIFIBUG-442, WIFIBUG-421, and WIFIBUG-423
See merge request espressif/esp-idf!29404
Make sure that WPS registrar public APIs do not modify supplicant
data in application task context. Execute API functionlity in eloop
context to prevent protential race conditions.