From 00e2eb3b7cee08e941f6f6c6cabffbab6f646e41 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Tue, 5 Apr 2016 18:36:28 +0300 Subject: [PATCH] RSN: Set EAPOL-Key Request Secure bit to 1 if PTK is set The Secure bit in the Key Information field of EAPOL-Key frames is supposed to be set to 1 when there is a security association. This was done for other frames, but not for the EAPOL-Key Request frame where supplicant is requesting a new PTK to be derived (either due to Michael MIC failure report Error=1 or for other reasons with Error=0). In practice, EAPOL-Key Request frame is only sent when there is a PTK in place, so all such frames should have Secure=1. Signed-off-by: Jouni Malinen --- src/rsn_supp/wpa.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c index e8501197a..3c4787925 100644 --- a/src/rsn_supp/wpa.c +++ b/src/rsn_supp/wpa.c @@ -131,7 +131,7 @@ void wpa_sm_key_request(struct wpa_sm *sm, int error, int pairwise) EAPOL_KEY_TYPE_RSN : EAPOL_KEY_TYPE_WPA; key_info = WPA_KEY_INFO_REQUEST | ver; if (sm->ptk_set) - key_info |= WPA_KEY_INFO_MIC; + key_info |= WPA_KEY_INFO_MIC | WPA_KEY_INFO_SECURE; if (error) key_info |= WPA_KEY_INFO_ERROR; if (pairwise)