I noticed that for me 802.11r with key pushing was not working properly. I pulled up the wpad binary in an disassembler and noticed that it was apparently not calling the wpa_ft_push_pmk_r1 function from wpa_auth.c.
so there is an obvious reason why it would not be called (missing define). So what I found out is that when I compile wpad it is missing, but when I compile hostapd it is there.
Anybody knows why that would be? The hostapd makefile checks for CONFIG_IEEE80211R and sets CONFIG_IEEE80211R_AP then, why is that not working for wpad? On the other side half of the 802.11r stuff exists in the binary so it doesn't throw an error, it simply doesn't work.
An easy check to see if it's properly compiled is searching for "FT: Deriving and pushing PMK-R1 keys to R1KHs for STA %02x:%02x:%02x:%02x:%02x:%02x" in the binary. That string is missing in the wpad version but is there in the hostapd version.
I'm talking about the "normal" wpad and "normal" hostapd here, not the basic versions.
Yeah I also looked at the Makefile and I was wondering if maybe for wpad the hostapd Makefile is not used? There was a split in hostapd for 802.11r between hostapd and wpa_supplicant so it can be individually changed for both. Hostapd's Makefile has something like this enabling the AP Part of 802.11r when the "overall" 802.11r is enabled:
I can't reproduce this. In my build, -DCONFIG_IEEE80211R_AP gets added to cflags correctly. If I insert a #error inside the #ifdef that you quoted, it fails as expected.
That was on 19.07.6, I did a quick check by searching for the string on the latest snapshot aswell but never found it. I think I know what's going on though: The function was inlined, that's why I didn't spot it at the disassembler (so it's there, but it's not obvious) Also wpad seems to not allow debug messages at all, hostapd seems to do so. That string has the severity debug. so it's apparently never printed in wpad and only in hostapd (so it got stripped from wpad). I still have no clue why 802.11r wasn't working with wpad and is now after I replaced it with hostapd everywhere.