diff --git a/src/supplicant-manager/nm-supplicant-config.c b/src/supplicant-manager/nm-supplicant-config.c index a91413fabe..21b525826a 100644 --- a/src/supplicant-manager/nm-supplicant-config.c +++ b/src/supplicant-manager/nm-supplicant-config.c @@ -720,6 +720,13 @@ nm_supplicant_config_add_setting_wireless_security (NMSupplicantConfig *self, */ if (!nm_supplicant_config_add_option (self, "bgscan", "simple:30:-45:300", -1, FALSE)) nm_log_warn (LOGD_SUPPLICANT, "Error enabling background scanning for ESS roaming"); + + /* When using WPA-Enterprise, we want to use Proactive Key Caching (also + * called Opportunistic Key Caching) to avoid full EAP exchanges when + * roaming between access points in the same mobility group. + */ + if (!nm_supplicant_config_add_option (self, "proactive_key_caching", "1", -1, FALSE)) + return FALSE; } } @@ -738,7 +745,7 @@ nm_supplicant_config_add_setting_8021x (NMSupplicantConfig *self, gboolean success, added; GString *phase1, *phase2; const GByteArray *array; - gboolean peap = FALSE, fast = FALSE; + gboolean fast = FALSE; guint32 i, num_eap; gboolean fast_provisoning_allowed = FALSE; @@ -786,25 +793,12 @@ nm_supplicant_config_add_setting_8021x (NMSupplicantConfig *self, for (i = 0; i < num_eap; i++) { const char *method = nm_setting_802_1x_get_eap_method (setting, i); - if (method && (strcasecmp (method, "peap") == 0)) - peap = TRUE; if (method && (strcasecmp (method, "fast") == 0)) { fast = TRUE; priv->fast_required = TRUE; } } - /* When using PEAP-GTC, we're likely using Cisco kit, so we want to turn - * on PMKSA caching so that roaming between access points actually works - * without a full reauth (which requires a new token code). We may want - * to extend this to all PEAP phase2 methods at some point. - */ - value = nm_setting_802_1x_get_phase2_auth (setting); - if (peap && value && (strcasecmp (value, "gtc") == 0)) { - if (!nm_supplicant_config_add_option (self, "proactive_key_caching", "1", -1, FALSE)) - return FALSE; - } - /* Drop the fragment size a bit for better compatibility */ if (!nm_supplicant_config_add_option (self, "fragment_size", "1300", -1, FALSE)) return FALSE;