From 9257610a6e46857ee3f57a66ed6ec214d716e829 Mon Sep 17 00:00:00 2001
From: Jouni Malinen
Date: Thu, 10 Dec 2015 00:12:59 +0200
Subject: [PATCH] FT: Fix FTIE generation for EAPOL-Key msg 3/4
This FTIE needs to be an exact copy of the one in (Re)Association Response frame. Copy the stored element rather than building a new copy that would not have the correct MIC value. This is needed to fix PTK rekeying after FT protocol run.
Signed-off-by: Jouni Malinen
---
 src/ap/wpa_auth.c | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)
diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
index f70816598..9b2382f33 100644
--- a/src/ap/wpa_auth.c
+++ b/src/ap/wpa_auth.c
@@ -2328,10 +2328,18 @@ SM_STATE(WPA_PTK, PTKINITNEGOTIATING)
 struct wpa_auth_config *conf;
 conf = &sm->wpa_auth->conf;
- res = wpa_write_ftie(conf, conf->r0_key_holder,
- conf->r0_key_holder_len,
- NULL, NULL, pos, kde + kde_len - pos,
- NULL, 0);
+ if (sm->assoc_resp_ftie &&
+ kde + kde_len - pos >= 2 + sm->assoc_resp_ftie[1]) {
+ os_memcpy(pos, sm->assoc_resp_ftie,
+ 2 + sm->assoc_resp_ftie[1]);
+ res = 2 + sm->assoc_resp_ftie[1];
+ } else {
+ res = wpa_write_ftie(conf, conf->r0_key_holder,
+ conf->r0_key_holder_len,
+ NULL, NULL, pos,
+ kde + kde_len - pos,
+ NULL, 0);
+ }
 if (res < 0) {
 wpa_printf(MSG_ERROR, "FT: Failed to insert FTIE "
 "into EAPOL-Key Key Data");
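Review bot: The new `if` folds two different situations into one `else`: no stored element, and a stored element that does not fit in the remaining Key Data space. In the second case the code falls back to `wpa_write_ftie()`, which builds the fresh FTIE that the commit message says would not have the correct MIC value. If that rebuilt element is shorter than the stored one it may still fit and be sent, and the mismatch would only surface at the peer. Treating "stored FTIE present but no room" as a failure (`res = -1`) sends it through the existing `res < 0` error path instead, and a local length also removes the three repetitions of `2 + sm->assoc_resp_ftie[1]`. The enclosing SM_STATE body starts and ends outside this hunk, so the type of `res` and the allocation size of `assoc_resp_ftie` are assumed rather than visible here.

```c
if (sm->assoc_resp_ftie) {
	int ftie_len = 2 + sm->assoc_resp_ftie[1];

	if (kde + kde_len - pos < ftie_len) {
		/* Stored FTIE does not fit; a rebuilt one would not match */
		res = -1;
	} else {
		os_memcpy(pos, sm->assoc_resp_ftie, ftie_len);
		res = ftie_len;
	}
} else {
	/* … unchanged: wpa_write_ftie() fallback when no FTIE was stored … */
}
```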