diff options
author | Jouni Malinen <j@w1.fi> | 2012-12-30 20:35:59 (GMT) |
---|---|---|
committer | Jouni Malinen <j@w1.fi> | 2013-01-12 15:51:52 (GMT) |
commit | 47b55a3ef59d9363bbd624e8b5aa714467111743 (patch) | |
tree | 9bc0d901f6f8ddde7267e3c431dec6018ab5b598 | |
parent | f2e9818f73215024944b2db648a03c64ba1b8cc5 (diff) | |
download | hostap-47b55a3ef59d9363bbd624e8b5aa714467111743.zip hostap-47b55a3ef59d9363bbd624e8b5aa714467111743.tar.gz hostap-47b55a3ef59d9363bbd624e8b5aa714467111743.tar.bz2 |
SAE: Use PMK in 4-way handshake
Use the PMK that is derived as part of the SAE authentication in the
4-way handshake instead of the PSK.
Signed-hostap: Jouni Malinen <j@w1.fi>
-rw-r--r-- | src/ap/wpa_auth_glue.c | 15 | ||||
-rw-r--r-- | wpa_supplicant/sme.c | 4 |
2 files changed, 17 insertions, 2 deletions
diff --git a/src/ap/wpa_auth_glue.c b/src/ap/wpa_auth_glue.c index 76c61ea..fdaaaff 100644 --- a/src/ap/wpa_auth_glue.c +++ b/src/ap/wpa_auth_glue.c @@ -1,6 +1,6 @@ /* * hostapd / WPA authenticator glue code - * Copyright (c) 2002-2011, Jouni Malinen <j@w1.fi> + * Copyright (c) 2002-2012, Jouni Malinen <j@w1.fi> * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -10,6 +10,7 @@ #include "utils/common.h" #include "common/ieee802_11_defs.h" +#include "common/sae.h" #include "eapol_auth/eapol_auth_sm.h" #include "eapol_auth/eapol_auth_sm_i.h" #include "eap_server/eap.h" @@ -184,7 +185,17 @@ static const u8 * hostapd_wpa_auth_get_psk(void *ctx, const u8 *addr, { struct hostapd_data *hapd = ctx; struct sta_info *sta = ap_get_sta(hapd, addr); - const u8 *psk = hostapd_get_psk(hapd->conf, addr, prev_psk); + const u8 *psk; + +#ifdef CONFIG_SAE + if (sta && sta->auth_alg == WLAN_AUTH_SAE) { + if (!sta->sae || prev_psk) + return NULL; + return sta->sae->pmk; + } +#endif /* CONFIG_SAE */ + + psk = hostapd_get_psk(hapd->conf, addr, prev_psk); /* * This is about to iterate over all psks, prev_psk gives the last * returned psk which should not be returned again. diff --git a/wpa_supplicant/sme.c b/wpa_supplicant/sme.c index 870313d..043a0a7 100644 --- a/wpa_supplicant/sme.c +++ b/wpa_supplicant/sme.c @@ -488,6 +488,10 @@ void sme_event_auth(struct wpa_supplicant *wpa_s, union wpa_event_data *data) } if (res != 1) return; + + wpa_printf(MSG_DEBUG, "SME: SAE completed - setting PMK for " + "4-way handshake"); + wpa_sm_set_pmk(wpa_s->wpa, wpa_s->sme.sae.pmk, PMK_LEN); } #endif /* CONFIG_SAE */ |