jeltz
/
hostap
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Fix EAPOL-Key Install bit in Group Key 1/2 with FT and FILS auth 

sm->Pair needs to be initialized to TRUE since unicast cipher is
supported and this is an ESS. However, the normal place for setting this
(WPA_PTK::INITIALIZE) is skipped with using FT protocol or FILS
authentication, so need to do that separately when forcing PTKINITDONE.

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2017-02-05 13:28:42 +02:00
parent 7e6cc3288c
commit 3bbc470502
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/ap/wpa_auth.c
View File

@ -615,6 +615,7 @@ int wpa_auth_sta_associated(struct wpa_authenticator *wpa_auth,
"start 4-way handshake"); "start 4-way handshake");
/* Go to PTKINITDONE state to allow GTK rekeying */ /* Go to PTKINITDONE state to allow GTK rekeying */
sm->wpa_ptk_state = WPA_PTK_PTKINITDONE; sm->wpa_ptk_state = WPA_PTK_PTKINITDONE;
sm->Pair = TRUE;
return 0; return 0;
} }
#endif /* CONFIG_IEEE80211R_AP */ #endif /* CONFIG_IEEE80211R_AP */
@ -625,6 +626,7 @@ int wpa_auth_sta_associated(struct wpa_authenticator *wpa_auth,
"FILS authentication already completed - do not start 4-way handshake"); "FILS authentication already completed - do not start 4-way handshake");
/* Go to PTKINITDONE state to allow GTK rekeying */ /* Go to PTKINITDONE state to allow GTK rekeying */
sm->wpa_ptk_state = WPA_PTK_PTKINITDONE; sm->wpa_ptk_state = WPA_PTK_PTKINITDONE;
sm->Pair = TRUE;
return 0; return 0;
} }
#endif /* CONFIG_FILS */ #endif /* CONFIG_FILS */