From c2080e8657f812f504ff44011115ab5816b2ce3f Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Mon, 25 May 2020 16:25:50 +0300 Subject: [PATCH] Clear current PMKSA cache selection on association/roam It was possible for the RSN state machine to maintain old PMKSA cache selection (sm->cur_pmksa) when roaming to another BSS based on driver-based roaming indication. This could result in mismatching state and unexpected behavior, e.g., with not generating a Suite B PMKSA cache entry. Signed-off-by: Jouni Malinen --- src/rsn_supp/pmksa_cache.c | 3 +++ wpa_supplicant/events.c | 3 +++ 2 files changed, 6 insertions(+) diff --git a/src/rsn_supp/pmksa_cache.c b/src/rsn_supp/pmksa_cache.c index bd32cef08..4a175f166 100644 --- a/src/rsn_supp/pmksa_cache.c +++ b/src/rsn_supp/pmksa_cache.c @@ -485,6 +485,9 @@ void pmksa_cache_clear_current(struct wpa_sm *sm) { if (sm == NULL) return; + if (sm->cur_pmksa) + wpa_printf(MSG_DEBUG, + "RSN: Clear current PMKSA entry selection"); sm->cur_pmksa = NULL; } diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c index 46341e936..f0f91892f 100644 --- a/wpa_supplicant/events.c +++ b/wpa_supplicant/events.c @@ -356,6 +356,9 @@ static void wpa_find_assoc_pmkid(struct wpa_supplicant *wpa_s) int pmksa_set = -1; size_t i; + /* Start with assumption of no PMKSA cache entry match */ + pmksa_cache_clear_current(wpa_s->wpa); + if (wpa_sm_parse_own_wpa_ie(wpa_s->wpa, &ie) < 0 || ie.pmkid == NULL) return;