diff options
author | xinhe <xinhe@google.com> | 2015-10-21 11:43:47 -0700 |
---|---|---|
committer | xinhe <xinhe@google.com> | 2015-10-23 12:50:35 -0700 |
commit | eb5caea63b1eae6c0739dafa129a4e2e56553118 (patch) | |
tree | 22edd450d60036b1d3a4fad33cb9d0721e8a06be /service | |
parent | 20de5ba628240951562958595d5b6ec8edc2b13e (diff) | |
download | frameworks_opt_net_wifi-eb5caea63b1eae6c0739dafa129a4e2e56553118.tar.gz frameworks_opt_net_wifi-eb5caea63b1eae6c0739dafa129a4e2e56553118.tar.bz2 frameworks_opt_net_wifi-eb5caea63b1eae6c0739dafa129a4e2e56553118.zip |
[DO NOT MERGE] EAP-TLS PMKID mismatch error
b/24253154
Change-Id: I992a99d46f94e72564d8d1a2c357f6ff1c53a11d
Diffstat (limited to 'service')
3 files changed, 51 insertions, 4 deletions
diff --git a/service/java/com/android/server/wifi/WifiConfigStore.java b/service/java/com/android/server/wifi/WifiConfigStore.java index dec16d1..736ba1a 100644 --- a/service/java/com/android/server/wifi/WifiConfigStore.java +++ b/service/java/com/android/server/wifi/WifiConfigStore.java @@ -469,7 +469,7 @@ public class WifiConfigStore extends IpConfigStore { WifiEnterpriseConfig.CA_CERT_KEY, WifiEnterpriseConfig.SUBJECT_MATCH_KEY, WifiEnterpriseConfig.ENGINE_KEY, WifiEnterpriseConfig.ENGINE_ID_KEY, WifiEnterpriseConfig.PRIVATE_KEY_ID_KEY, WifiEnterpriseConfig.ALTSUBJECT_MATCH_KEY, - WifiEnterpriseConfig.DOM_SUFFIX_MATCH_KEY + WifiEnterpriseConfig.DOM_SUFFIX_MATCH_KEY, WifiEnterpriseConfig.PHASE1_KEY }; @@ -1790,7 +1790,7 @@ public class WifiConfigStore extends IpConfigStore { mLastPriority = 0; mConfiguredNetworks.clear(); - + List<WifiConfiguration> configTlsResetList = new ArrayList<WifiConfiguration>(); int last_id = -1; boolean done = false; while (!done) { @@ -1859,6 +1859,14 @@ public class WifiConfigStore extends IpConfigStore { if (showNetworks) log("Ignoring loaded configured for network " + config.networkId + " because config are not valid"); } + + if (config != null && config.enterpriseConfig != null && + config.enterpriseConfig.getEapMethod() < WifiEnterpriseConfig.Eap.PWD) { + if (!config.enterpriseConfig.getTls12Enable()) { + //re-enable the TLS1.2 every time when load the network + configTlsResetList.add(config); + } + } } done = (lines.length == 1); @@ -1882,6 +1890,12 @@ public class WifiConfigStore extends IpConfigStore { logContents(SUPPLICANT_CONFIG_FILE_BACKUP); logContents(networkHistoryConfigFile); } + + //reset TLS default to 1.2 + for (WifiConfiguration config : configTlsResetList) { + config.enterpriseConfig.setTls12Enable(true); + addOrUpdateNetwork(config, WifiConfiguration.UNKNOWN_UID); + } } private void logContents(String file) { diff --git a/service/java/com/android/server/wifi/WifiMonitor.java b/service/java/com/android/server/wifi/WifiMonitor.java index 9758d57..ffca502 100644 --- a/service/java/com/android/server/wifi/WifiMonitor.java +++ b/service/java/com/android/server/wifi/WifiMonitor.java @@ -230,6 +230,10 @@ public class WifiMonitor { private static final String BSS_REMOVED_STR = "BSS-REMOVED"; /** + * This indicate supplicant encounter RSN PMKID mismatch error + */ + private static final String RSN_PMKID_STR = "RSN: PMKID mismatch"; + /** * Regex pattern for extracting an Ethernet-style MAC address from a string. * Matches a strings like the following:<pre> * CTRL-EVENT-CONNECTED - Connection to 00:1e:58:ec:d5:6d completed (reauth) [id=1 id_str=]</pre> @@ -502,6 +506,7 @@ public class WifiMonitor { public static final int HS20_REMEDIATION_EVENT = BASE + 61; public static final int HS20_DEAUTH_EVENT = BASE + 62; + public static final int RSN_PMKID_MISMATCH_EVENT = BASE + 63; /** * This indicates a read error on the monitor socket conenction */ @@ -829,6 +834,8 @@ public class WifiMonitor { } else if (eventStr.startsWith(AUTH_EVENT_PREFIX_STR) && eventStr.endsWith(AUTH_TIMEOUT_STR)) { mStateMachine.sendMessage(AUTHENTICATION_FAILURE_EVENT); + } else if (eventStr.startsWith(RSN_PMKID_STR)) { + mStateMachine.sendMessage(RSN_PMKID_MISMATCH_EVENT); } else { if (DBG) Log.w(TAG, "couldn't identify event type - " + eventStr); } diff --git a/service/java/com/android/server/wifi/WifiStateMachine.java b/service/java/com/android/server/wifi/WifiStateMachine.java index 2785931..6e48c86 100644 --- a/service/java/com/android/server/wifi/WifiStateMachine.java +++ b/service/java/com/android/server/wifi/WifiStateMachine.java @@ -212,7 +212,7 @@ public class WifiStateMachine extends StateMachine implements WifiNative.WifiPno private int mNumScanResultsReturned; private boolean mScreenOn = false; - + private int mCurrentAssociateNetworkId = -1; /* Chipset supports background scan */ private final boolean mBackgroundScanSupported; @@ -4052,7 +4052,7 @@ public class WifiStateMachine extends StateMachine implements WifiNative.WifiPno synchronized (mScanResultCache) { // AutoJoincontroller will directly acces the scan result list and update it with // ScanResult status - mNumScanResultsKnown = mWifiAutoJoinController.newSupplicantResults(attemptAutoJoin); + mNumScanResultsKnown = 1mWifiAutoJoinController.newSupplicantResults(attemptAutoJoin); } } if (linkDebouncing) { @@ -6923,6 +6923,9 @@ public class WifiStateMachine extends StateMachine implements WifiNative.WifiPno case WifiMonitor.GAS_QUERY_START_EVENT: s = "WifiMonitor.GAS_QUERY_START_EVENT"; break; + case WifiMonitor.RSN_PMKID_MISMATCH_EVENT: + s = "WifiMonitor.RSN_PMKID_MISMATCH_EVENT"; + break; case CMD_SET_OPERATIONAL_MODE: s = "CMD_SET_OPERATIONAL_MODE"; break; @@ -7243,6 +7246,13 @@ public class WifiStateMachine extends StateMachine implements WifiNative.WifiPno mIpReachabilityMonitor.probeAll(); } } + + if (state == SupplicantState.ASSOCIATED) { + StateChangeResult stateChangeResult = (StateChangeResult) message.obj; + if (stateChangeResult != null) { + mCurrentAssociateNetworkId = stateChangeResult.networkId; + } + } break; case WifiP2pServiceImpl.DISCONNECT_WIFI_REQUEST: if (message.arg1 == 1) { @@ -9555,6 +9565,22 @@ public class WifiStateMachine extends StateMachine implements WifiNative.WifiPno case CMD_SCREEN_STATE_CHANGED: handleScreenStateChanged(message.arg1 != 0); break; + case WifiMonitor.RSN_PMKID_MISMATCH_EVENT: + //WAR: In release M, there is a TLS bugs for some radius. M upgrade the TLS to + // 1.2. However,some old radius can not support it. So if possibly disconnected + // due to TLS failure, we will toggler the TLS version between 1.1 and 1.2 for + // next retry connection + int nid = mCurrentAssociateNetworkId; + WifiConfiguration currentNet = mWifiConfigStore.getWifiConfiguration(nid); + if (currentNet != null && currentNet.enterpriseConfig != null) { + currentNet.enterpriseConfig.setTls12Enable( + !currentNet.enterpriseConfig.getTls12Enable()); + mWifiConfigStore.saveNetwork(currentNet, WifiConfiguration.UNKNOWN_UID); + Log.e(TAG, "NetWork ID =" + nid + " switch to TLS1.2: " + + currentNet.enterpriseConfig.getTls12Enable()); + } + + break; default: ret = NOT_HANDLED; } |