Ubuntu
wpasupplicant package

Frequent disconnects under certain network conditions

Bug #1187524 reported by Mark Russell on 2013-06-04
28
This bug affects 4 people
Affects Status Importance Assigned to Milestone
wpasupplicant (Ubuntu)
Invalid
Medium
Unassigned
Precise
Fix Released
Medium
Unassigned
Also affects project (?) Also affects distribution/package Nominate for series

Bug Description

[Impact]
Under WPA2-Enterprise secured networks, roaming between the secure APs need to cache the keys used, since although the AP is different, the same authentication backend (a server of some sort, possibly RADIUS) is most likely the same. This only impacts specific setups using WPA Enterprise security on wireless networks in environments where lots of APs are installed and roaming happens frequently.

[Test Case]
Run the new WPA supplicant.
Notice whether there are fewer wireless disconnects events.

[Regression Potential]
Low, this only affects WPA Enterprise security, and only in specific setups where roaming between one AP to the next is both frequent and expected. The included patches are backports from WPA 1.0, which have been in Ubuntu since Quantal, with no adverse effects.

However, there are quite a few patches at cause, which introduce complexity in the testing and the actual functional changes.

See http://people.ubuntu.com/~mathieu-tl/wpa.debdiff for the full list of changes.

---

There are several upstream patches that help reduce network disconnects and excessive roaming on some networks.

Mainly they are related to Opportunistic Key Caching, authorization and association timing fixes.

See original description
Mark Russell (marrusl) on 2013-06-04
tags: added: precise
Mark Russell (marrusl) on 2013-06-04
Changed in wpasupplicant (Ubuntu):
status: New → Incomplete
Mathieu Trudel-Lapierre (cyphermox) on 2013-06-04
Changed in wpasupplicant (Ubuntu):
status: Incomplete → Invalid
importance: Undecided → Medium
Changed in wpasupplicant (Ubuntu Precise):
status: New → Triaged
importance: Undecided → Medium
description: updated
Mathieu Trudel-Lapierre (cyphermox) on 2013-06-04
description: updated
Clint Byrum (clint-fewbar) wrote :

I think it is inaccurate to say "this only affects enterprise setups". The bug may only affect enterprise setups, but the code may be shared with non-enterprise setups. The point of "Regression Potential" is to shine light on what parts of the package are affected by the change to aid testers in looking for regressions.

This is a big patch, so I'd like to see this get wide exposure on multiple setups while still in -proposed.

Changed in wpasupplicant (Ubuntu Precise):
status: Triaged → Fix Committed
tags: added: verification-needed
Clint Byrum (clint-fewbar) wrote : Please test proposed package

Hello Mark, or anyone else affected,

Accepted wpasupplicant into precise-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/wpasupplicant/0.7.3-6ubuntu2.2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Simon Déziel (sdeziel) wrote :

I've been running wpasupplicant 0.7.3-6ubuntu2.2 since 2013-07-09 on various networks using WPA2 *personal* and had no issue. There was no RADIUS or roaming involved in my tests but I just wanted to say no regression either :)

I'll let someone with an enterprise setup add the "verification-done" tag.

Roman Shipovskij (roman-shipovskij) wrote :

We are using WPA2-Enterprise network (EAP-TTLS) with multiple APs, this update has positive effect, no regression after month of testing

tags: added: verification-done
removed: verification-needed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package wpasupplicant - 0.7.3-6ubuntu2.2

---------------
wpasupplicant (0.7.3-6ubuntu2.2) precise-proposed; urgency=low

  * Multiple patches to reduce the number of disconnections for WPA Enterprise
    roaming and Opportunistic Key Caching. (LP: #1187524)
  * In debian/patches:
    0001-sme-fix-retry-after-auth-assoc-timeout-failure.patch,
    0002-sme-optimize-recovery-from-common-load-balancing-mechanisms.patch,
    0003-sme-blacklist-bss-on-first-failure-if-only-a-*.patch,
    0004-sme-extend-load-balancing-optimization-in-bss-blacklisting.patch,
    0005-sme-optimize-recovery-from-association-command-failures.patch,
    0006-sme-add-timers-for-authentication-and-association.patch,
    0007-sme-nl80211-set-cipher-suites.patch:
    Cherry-pick patches fixing SME (Session Management Entity) for the nl80211
    driver, which works as a basis for the OKC patches.
  * In debian/patches:
    0001-pmkokc-Set-portValid-TRUE-on-association-for-driver-based-4.patch,
    0002-pmkokc-Clear-WPA-and-EAPOL-state-machine-config-pointer-on-.patch,
    0003-pmkokc-Clear-driver-PMKSA-cache-entry-on-PMKSA-cache-expira.patch,
    0004-pmkokc-Flush-PMKSA-cache-entries-and-invalidate-EAP-state-o.patch,
    0005-pmkokc-Fix-proactive_key_caching-configuration-to-WPA-code.patch,
    0006-pmkokc-RSN-Add-a-debug-message-when-considing-addition-of-O.patch,
    0007-pmkokc-Clear-OKC-based-PMKSA-caching-entries-if-PMK-is-chan.patch,
    0008-pmkokc-Move-wpa_sm_remove_pmkid-call-to-PMKSA-cache-entry-f.patch,
    0009-pmkokc-Use-PMKSA-cache-entries-with-only-a-single-network-c.patch,
    0010-pmkokc-PMKSA-Do-not-evict-active-cache-entry-when-adding-ne.patch,
    0011-pmkokc-PMKSA-Set-cur_pmksa-pointer-during-initial-associati.patch,
    0012-pmkokc-PMKSA-make-deauthentication-due-to-cache-entry-remov.patch,
    0013-pmkokc-PMKSA-update-current-cache-entry-due-to-association-.patch:
    Cherry-pick patches to properly do OKC (Opportunistic Key Caching) which
    helps maintaining connectivity on networks secured with WPA Enterprise,
    especially on nl80211-based drivers -- these patches require SME, and add
    or fix key caching and handling of the cache entries.
  * debian/patches/force-enable-okc.patch: force Opportunistic Key Caching to
    be enabled.
  * debian/patches/less-aggressive-roaming.patch: use less aggressive roaming
    settings to avoid switching to another AP unnecessarily, when the actual
    signal level difference is small.
  * debian/patches/wpa_supplicant-dbus-null-error.patch: Don't send NULL to
    dbus_message_new_error().
  * debian/patches/0001-nl80211-Fix-UNSPEC-signal-quality-reporting.patch: fix
    marking qual as invalid rather than signal level.
  * debian/patches/wpa_supplicant-squelch-driver-disconnect-spam.patch: recover
    cleanly from streams of disconnect messages (like on iwl3945).
  * debian/patches/wpa_supplicant-assoc-timeout.patch: increase association
    timeouts.
 -- Mathieu Trudel-Lapierre <email address hidden> Wed, 12 Jun 2013 15:57:50 -0400

Changed in wpasupplicant (Ubuntu Precise):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.
Subscribing...

Other bug subscribers