From 71718b628b9f0b868dfa6d869db9b0ce4be1de88 Mon Sep 17 00:00:00 2001 From: Shiva Sankar Gajula Date: Wed, 13 Jan 2021 16:14:03 +0530 Subject: [PATCH] FT: Update key mgmt properly in RSNE during roaming When STA is performing roam from WPA3 AP to WPA2 AP, the STA was including key mgmt FT-SAE instead of FT-PSK in FT Authentication request RSNE when using driver-based SME. This is because the RSNE/MDE/FTE were updated and forwarded to the driver using the NL80211_CMD_UPDATE_FT_IES command before updating key mgmt properly. Because of this, the AP is rejecting FT Authentication request with WLAN_REASON_UNSPECIFIED reason code which is due to the invalid keymgmt in RSNE. Fix this by reordering IE population to happen earlier in the sequence so that the updated key mgmt information can be provided when using NL80211_CMD_UPDATE_FT_IES. Signed-off-by: Shiva Sankar Gajula --- wpa_supplicant/wpa_supplicant.c | 27 ++++++++++++++------------- 1 file changed, 14 insertions(+), 13 deletions(-) diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c index fc0574e03..c3e747260 100644 --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c @@ -3487,6 +3487,20 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit) os_memset(¶ms, 0, sizeof(params)); wpa_s->reassociate = 0; wpa_s->eap_expected_failure = 0; + + /* Starting new association, so clear the possibly used WPA IE from the + * previous association. */ + wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0); + wpa_sm_set_assoc_rsnxe(wpa_s->wpa, NULL, 0); + wpa_s->rsnxe_len = 0; + wpa_s->mscs_setup_done = false; + + wpa_ie = wpas_populate_assoc_ies(wpa_s, bss, ssid, ¶ms, NULL); + if (!wpa_ie) { + wpas_connect_work_done(wpa_s); + return; + } + if (bss && (!wpas_driver_bss_selection(wpa_s) || wpas_wps_searching(wpa_s))) { #ifdef CONFIG_IEEE80211R @@ -3535,19 +3549,6 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit) wpa_supplicant_cancel_scan(wpa_s); - /* Starting new association, so clear the possibly used WPA IE from the - * previous association. */ - wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0); - wpa_sm_set_assoc_rsnxe(wpa_s->wpa, NULL, 0); - wpa_s->rsnxe_len = 0; - wpa_s->mscs_setup_done = false; - - wpa_ie = wpas_populate_assoc_ies(wpa_s, bss, ssid, ¶ms, NULL); - if (!wpa_ie) { - wpas_connect_work_done(wpa_s); - return; - } - wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL); use_crypt = 1; cipher_pairwise = wpa_s->pairwise_cipher;