From 675112df1b539d9d4ba80249a13946a869445fba Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Sun, 8 Oct 2017 12:29:33 +0300 Subject: [PATCH] OWE: Set PMK length properly on supplicant side sm->pmk_len was not set when deriving the PMK as part of OWE key generation. This depending on wpa_sm_set_pmk_from_pmksa() call resetting the value to the default. While this worked for many cases, this is not correct and can have issues with network profile selection based on association information. For example, the OWE transition mode cases would hit an issue here. Signed-off-by: Jouni Malinen --- src/rsn_supp/wpa.c | 1 + wpa_supplicant/wpa_supplicant.c | 6 ++++++ 2 files changed, 7 insertions(+) diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c index 739689d18..04c755d01 100644 --- a/src/rsn_supp/wpa.c +++ b/src/rsn_supp/wpa.c @@ -4291,6 +4291,7 @@ int owe_process_assoc_resp(struct wpa_sm *sm, const u8 *resp_ies, os_memset(prk, 0, SHA256_MAC_LEN); if (res < 0) return -1; + sm->pmk_len = PMK_LEN; wpa_hexdump_key(MSG_DEBUG, "OWE: PMK", sm->pmk, PMK_LEN); wpa_hexdump(MSG_DEBUG, "OWE: PMKID", pmkid, PMKID_LEN); diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c index eca9b2555..ddfdaf71a 100644 --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c @@ -1528,6 +1528,12 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s, "No PSK available for association"); return -1; } +#ifdef CONFIG_OWE + } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_OWE) { + /* OWE Diffie-Hellman exchange in (Re)Association + * Request/Response frames set the PMK, so do not override it + * here. */ +#endif /* CONFIG_OWE */ } else wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);