aboutsummaryrefslogtreecommitdiffstats
path: root/src/ap/wpa_auth_i.h
diff options
context:
space:
mode:
authorJouni Malinen <jouni@qca.qualcomm.com>2012-01-02 20:36:11 (GMT)
committerJouni Malinen <j@w1.fi>2012-01-02 20:36:11 (GMT)
commit68921e24b2ef867d8b4d57192ddf1a3075c57edf (patch)
tree427fe8ef530459a6fbf0cdcdbea18677429d5758 /src/ap/wpa_auth_i.h
parentd567479153b9db89213ecd9c42188abfc37c79ba (diff)
downloadhostap-68921e24b2ef867d8b4d57192ddf1a3075c57edf.zip
hostap-68921e24b2ef867d8b4d57192ddf1a3075c57edf.tar.gz
hostap-68921e24b2ef867d8b4d57192ddf1a3075c57edf.tar.bz2
Allow SNonce update after sending EAPOL-Key 3/4 if 1/4 was retransmitted
Some supplicant implementations (e.g., Windows XP WZC) update SNonce for each EAPOL-Key 2/4. This breaks the workaround on accepting any of the pending requests, so allow the SNonce to be updated even if we have already sent out EAPOL-Key 3/4. While the issue was made less likely to occur when the retransmit timeout for the initial EAPOL-Key msg 1/4 was increased to 1000 ms, this fixes the problem even if that timeout is not long enough. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Diffstat (limited to 'src/ap/wpa_auth_i.h')
-rw-r--r--src/ap/wpa_auth_i.h6
1 files changed, 4 insertions, 2 deletions
diff --git a/src/ap/wpa_auth_i.h b/src/ap/wpa_auth_i.h
index d82192a..500d5a9 100644
--- a/src/ap/wpa_auth_i.h
+++ b/src/ap/wpa_auth_i.h
@@ -69,10 +69,11 @@ struct wpa_state_machine {
Boolean pairwise_set;
int keycount;
Boolean Pair;
- struct {
+ struct wpa_key_replay_counter {
u8 counter[WPA_REPLAY_COUNTER_LEN];
Boolean valid;
- } key_replay[RSNA_MAX_EAPOL_RETRIES];
+ } key_replay[RSNA_MAX_EAPOL_RETRIES],
+ prev_key_replay[RSNA_MAX_EAPOL_RETRIES];
Boolean PInitAKeys; /* WPA only, not in IEEE 802.11i */
Boolean PTKRequest; /* not in IEEE 802.11i state machine */
Boolean has_GTK;
@@ -87,6 +88,7 @@ struct wpa_state_machine {
unsigned int started:1;
unsigned int mgmt_frame_prot:1;
unsigned int rx_eapol_key_secure:1;
+ unsigned int update_snonce:1;
#ifdef CONFIG_IEEE80211R
unsigned int ft_completed:1;
unsigned int pmk_r1_name_valid:1;