From 0a1a82db92c44cf21c03ade60f32e6e9e52af646 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Fri, 19 Apr 2019 00:17:52 +0300 Subject: [PATCH] FT: Allow 4-way handshake for PTK rekeying to continue without PMK/PMKID There is no PMK/PMKID when going through 4-way handshake during an association started with FT protocol, so need to allow the operation to proceed even if there is no selected PMKSA cache entry in place. Signed-off-by: Jouni Malinen --- src/rsn_supp/wpa.c | 9 +++++++++ src/rsn_supp/wpa_i.h | 5 +++-- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c index 899a43089..9163f61fa 100644 --- a/src/rsn_supp/wpa.c +++ b/src/rsn_supp/wpa.c @@ -384,6 +384,11 @@ static int wpa_supplicant_get_pmk(struct wpa_sm *sm, if (!sm->cur_pmksa) sm->cur_pmksa = sa; +#ifdef CONFIG_IEEE80211R + } else if (wpa_key_mgmt_ft(sm->key_mgmt) && sm->ft_protocol) { + wpa_printf(MSG_DEBUG, + "FT: Continue 4-way handshake without PMK/PMKID for association using FT protocol"); +#endif /* CONFIG_IEEE80211R */ } else { wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, "WPA: Failed to get master session key from " @@ -2714,6 +2719,9 @@ void wpa_sm_notify_assoc(struct wpa_sm *sm, const u8 *bssid) wpa_ft_prepare_auth_request(sm, NULL); clear_keys = 0; + sm->ft_protocol = 1; + } else { + sm->ft_protocol = 0; } #endif /* CONFIG_IEEE80211R */ #ifdef CONFIG_FILS @@ -2778,6 +2786,7 @@ void wpa_sm_notify_disassoc(struct wpa_sm *sm) #endif /* CONFIG_FILS */ #ifdef CONFIG_IEEE80211R sm->ft_reassoc_completed = 0; + sm->ft_protocol = 0; #endif /* CONFIG_IEEE80211R */ /* Keys are not needed in the WPA state machine anymore */ diff --git a/src/rsn_supp/wpa_i.h b/src/rsn_supp/wpa_i.h index 5dc9f2ed5..0c5955c66 100644 --- a/src/rsn_supp/wpa_i.h +++ b/src/rsn_supp/wpa_i.h @@ -126,8 +126,9 @@ struct wpa_sm { u8 r0kh_id[FT_R0KH_ID_MAX_LEN]; size_t r0kh_id_len; u8 r1kh_id[FT_R1KH_ID_LEN]; - int ft_completed; - int ft_reassoc_completed; + unsigned int ft_completed:1; + unsigned int ft_reassoc_completed:1; + unsigned int ft_protocol:1; int over_the_ds_in_progress; u8 target_ap[ETH_ALEN]; /* over-the-DS target AP */ int set_ptk_after_assoc;