Clear EAPOL authenticator authFail for PMKSA caching/FT
This fixes a corner case where a STA that has PMKSA cache entry (or valid FT keys) could try to use full EAPOL/EAP authentication and fail. If the STA will then try to use the still valid PMKSA cache entry (or FT) before the STA entry has been cleared, authFail could have been left to TRUE. That will make EAPOL authenticator PAE state machine enter HELD state even though authSuccess was already forced to TRUE. This results in the STA getting disconnected even though it should be allowed to continue with 4-way handshake. While this is unlikely to happen in practice, it is better to get this fixed by clearing authFail when setting authSuccess. Signed-hostap: Jouni Malinen <j@w1.fi> intended-for: hostap-1master
parent
d9a38716cc
commit
c7bce24dc9
Loading…
Reference in New Issue