FILS: Set TK after association (AP)
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
parent
07e0117d21
commit
da24c5aa1c
3 changed files with 37 additions and 1 deletions
|
@ -3258,6 +3258,18 @@ static void handle_assoc_cb(struct hostapd_data *hapd,
|
|||
hapd->new_assoc_sta_cb(hapd, sta, !new_assoc);
|
||||
ieee802_1x_notify_port_enabled(sta->eapol_sm, 1);
|
||||
|
||||
#ifdef CONFIG_FILS
|
||||
if ((sta->auth_alg == WLAN_AUTH_FILS_SK ||
|
||||
sta->auth_alg == WLAN_AUTH_FILS_SK_PFS ||
|
||||
sta->auth_alg == WLAN_AUTH_FILS_PK) &&
|
||||
fils_set_tk(sta->wpa_sm) < 0) {
|
||||
wpa_printf(MSG_DEBUG, "FILS: TK configuration failed");
|
||||
ap_sta_disconnect(hapd, sta, sta->addr,
|
||||
WLAN_REASON_UNSPECIFIED);
|
||||
return;
|
||||
}
|
||||
#endif /* CONFIG_FILS */
|
||||
|
||||
if (sta->pending_eapol_rx) {
|
||||
struct os_reltime now, age;
|
||||
|
||||
|
|
|
@ -1759,7 +1759,8 @@ int wpa_auth_sm_event(struct wpa_state_machine *sm, enum wpa_event event)
|
|||
remove_ptk = 0;
|
||||
#endif /* CONFIG_IEEE80211W */
|
||||
#ifdef CONFIG_FILS
|
||||
if (wpa_key_mgmt_fils(sm->wpa_key_mgmt) && event == WPA_AUTH)
|
||||
if (wpa_key_mgmt_fils(sm->wpa_key_mgmt) &&
|
||||
(event == WPA_AUTH || event == WPA_ASSOC))
|
||||
remove_ptk = 0;
|
||||
#endif /* CONFIG_FILS */
|
||||
|
||||
|
@ -2395,6 +2396,28 @@ int fils_encrypt_assoc(struct wpa_state_machine *sm, u8 *buf,
|
|||
return current_len;
|
||||
}
|
||||
|
||||
|
||||
int fils_set_tk(struct wpa_state_machine *sm)
|
||||
{
|
||||
enum wpa_alg alg;
|
||||
int klen;
|
||||
|
||||
if (!sm || !sm->PTK_valid)
|
||||
return -1;
|
||||
|
||||
alg = wpa_cipher_to_alg(sm->pairwise);
|
||||
klen = wpa_cipher_key_len(sm->pairwise);
|
||||
|
||||
wpa_printf(MSG_DEBUG, "FILS: Configure TK to the driver");
|
||||
if (wpa_auth_set_key(sm->wpa_auth, 0, alg, sm->addr, 0,
|
||||
sm->PTK.tk, klen)) {
|
||||
wpa_printf(MSG_DEBUG, "FILS: Failed to set TK to the driver");
|
||||
return -1;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
#endif /* CONFIG_FILS */
|
||||
|
||||
|
||||
|
|
|
@ -355,5 +355,6 @@ int fils_decrypt_assoc(struct wpa_state_machine *sm, const u8 *fils_session,
|
|||
u8 *pos, size_t left);
|
||||
int fils_encrypt_assoc(struct wpa_state_machine *sm, u8 *buf,
|
||||
size_t current_len, size_t max_len);
|
||||
int fils_set_tk(struct wpa_state_machine *sm);
|
||||
|
||||
#endif /* WPA_AUTH_H */
|
||||
|
|
Loading…
Reference in a new issue