From 1ac2d4a9eee938ae237f07ac78b0e3925ef56846 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Fri, 21 Nov 2008 15:31:25 +0200 Subject: [PATCH] Fixed canceling of PMKSA caching with driver generated RSN IE It looks like some Windows NDIS drivers (e.g., Intel) do not clear the PMKID list even when wpa_supplicant explicitly sets the list to be empty. In such a case, the driver ends up trying to use PMKSA caching with the AP and wpa_supplicant may not have the PMK that would be needed to complete 4-way handshake. RSN processing already had some code for aborting PMKSA caching by sending EAPOL-Start. However, this was not triggered in this particular case where the driver generates the RSN IE. With this change, this case is included, too, and the failed PMKSA caching attempt is cleanly canceled and wpa_supplicant can fall back to full EAP authentication. --- src/rsn_supp/wpa.c | 2 +- wpa_supplicant/ChangeLog | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c index 1da54f296..b22147645 100644 --- a/src/rsn_supp/wpa.c +++ b/src/rsn_supp/wpa.c @@ -266,7 +266,7 @@ static int wpa_supplicant_get_pmk(struct wpa_sm *sm, "caching attempt"); sm->cur_pmksa = NULL; abort_cached = 1; - } else { + } else if (!abort_cached) { return -1; } } diff --git a/wpa_supplicant/ChangeLog b/wpa_supplicant/ChangeLog index 263291e6b..4f626c658 100644 --- a/wpa_supplicant/ChangeLog +++ b/wpa_supplicant/ChangeLog @@ -23,6 +23,9 @@ ChangeLog for wpa_supplicant with driver_nl80211.c (the old code from driver_wext.c was removed) * added support (Linux only) for RoboSwitch chipsets (often found in consumer grade routers); driver interface 'roboswitch' + * fixed canceling of PMKSA caching when using drivers that generate + RSN IE and refuse to drop PMKIDs that wpa_supplicant does not know + about 2008-11-01 - v0.6.5 * added support for SHA-256 as X.509 certificate digest when using the