aboutsummaryrefslogtreecommitdiffstats
path: root/wpa_supplicant
diff options
context:
space:
mode:
authorSrinivas Dasari <dasaris@codeaurora.org>2018-05-10 10:13:28 (GMT)
committerJouni Malinen <j@w1.fi>2018-05-15 22:16:54 (GMT)
commitd109aa6cacf2c3f643de0c758a30b0daf936a67a (patch)
tree2ea47684ee9a65e081f47ff47c045ff520f428c9 /wpa_supplicant
parent46053a4c93555a40d49d548a88023097d79d7289 (diff)
downloadhostap-d109aa6cacf2c3f643de0c758a30b0daf936a67a.zip
hostap-d109aa6cacf2c3f643de0c758a30b0daf936a67a.tar.gz
hostap-d109aa6cacf2c3f643de0c758a30b0daf936a67a.tar.bz2
SAE: Flush PMKSA if an assoc reject without timeout is received
Flush the PMKSA upon receiving association reject event without timeout in the event data in SME-in-driver case to avoid trying to use the old PMKSA entry in subsequent connection attempts. Do not flush PMKSA if association reject is received with timeout as it is generated internally from the driver without reaching the AP. This is similar to the SME-in-wpa_supplicant case that was already addressed within sme_event_assoc_reject(). Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Diffstat (limited to 'wpa_supplicant')
-rw-r--r--wpa_supplicant/events.c12
1 files changed, 12 insertions, 0 deletions
diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c
index 1fd5116..9400090 100644
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
@@ -4116,6 +4116,18 @@ void wpa_supplicant_event(void *ctx, enum wpa_event_type event,
else {
const u8 *bssid = data->assoc_reject.bssid;
+#ifdef CONFIG_SAE
+ if (wpa_s->current_ssid &&
+ wpa_key_mgmt_sae(wpa_s->current_ssid->key_mgmt) &&
+ !data->assoc_reject.timed_out) {
+ wpa_dbg(wpa_s, MSG_DEBUG,
+ "SAE: Drop PMKSA cache entry");
+ wpa_sm_aborted_cached(wpa_s->wpa);
+ wpa_sm_pmksa_cache_flush(wpa_s->wpa,
+ wpa_s->current_ssid);
+ }
+#endif /* CONFIG_SAE */
+
#ifdef CONFIG_FILS
/* Update ERP next sequence number */
if (wpa_s->auth_alg == WPA_AUTH_ALG_FILS)