Description of problem:
Currently, it's impossible to resume connection to OTP wifi after suspend so practically, when user is connected to OTP wifi and needs to e.g. move between meeting rooms, they have to enter OTP again and they have all the TCP connections using this wifi (think IRC and SSH) severed despite reconnecting within TCP timeout. So in offices with Linux-powered laptops and OTP wifi, you can see lots of folks carrying open laptops around.

For OpenVPN, analogous situation is handled by what NM exposes as vpn.persistent setting. When true, OpenVPN session keys are kept around even when underlying connection goes down, meaning that OpenVPN connection resumes after (reasonably short) suspend or even when underlying connection is replaced by different one (e.g. alternating between wired, regular wifi and connectivity shared by cell phone).

It should be possible to have this feature in wpa_supplicant as well if wpa_supplicant:

• had some means to set that PMK secrets are to be kept around even when disassociated from AP from any other reason than explicit user (or controlling sw) request
• would try to roam to SSID for which it has PMK available

Open question is whether there should be some sort of timeout after which PMK is discarded anyway or if this should be left entirely on AP side (and if it should be configurable). NM exposes no such settings for vpn.persistent connections.

Version-Release number of selected component (if applicable):
wpa_supplicant-2.10-4

How reproducible:
always