aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2005-05-19 03:25:17 (GMT)
committerJouni Malinen <j@w1.fi>2005-05-19 03:25:17 (GMT)
commit0977ad9d0f90d36ab15f044c50a108f80be60668 (patch)
tree5f1c34d9fd63fed6796e59c1945c8ccc0c7f8d0c
parentbe23e07d09bc299ed4e4cfc1415df939f72d375d (diff)
downloadhostap-history-0977ad9d0f90d36ab15f044c50a108f80be60668.zip
hostap-history-0977ad9d0f90d36ab15f044c50a108f80be60668.tar.gz
hostap-history-0977ad9d0f90d36ab15f044c50a108f80be60668.tar.bz2
Merged from CVS trunk into hostap_0_3_branch:
PatchSet 2454 Date: 2005/04/04 04:26:18 Author: jm Branch: HEAD Tag: (none) Log: Fixed PMKSA caching by moving EAP skipping from wpa.c event handler to ieee802_1x.c EAPOL state machine creation. This was apparently broken sometime when IEEE 802.1X draft changes were being integrated into hostapd. Members: hostapd/ChangeLog:1.69->1.70 hostapd/ieee802_1x.c:1.93->1.94 hostapd/wpa.c:1.73->1.74
-rw-r--r--hostapd/ChangeLog2
-rw-r--r--hostapd/ieee802_1x.c23
-rw-r--r--hostapd/wpa.c14
3 files changed, 23 insertions, 16 deletions
diff --git a/hostapd/ChangeLog b/hostapd/ChangeLog
index 8cbcfd2..41cd25b 100644
--- a/hostapd/ChangeLog
+++ b/hostapd/ChangeLog
@@ -11,6 +11,8 @@ ChangeLog for hostapd
* fixed RADIUS attribute Class processing to only use Access-Accept
packets to update Class; previously, other RADIUS authentication
packets could have cleared Class attribute
+ * fixed PMKSA caching (EAP authentication was not skipped correctly
+ with the new state machine changes from IEEE 802.1X draft)
2005-02-12 - v0.3.7 (beginning of 0.3.x stable releases)
diff --git a/hostapd/ieee802_1x.c b/hostapd/ieee802_1x.c
index 31075a3..7f3fe0c 100644
--- a/hostapd/ieee802_1x.c
+++ b/hostapd/ieee802_1x.c
@@ -807,8 +807,27 @@ void ieee802_1x_new_station(hostapd *hapd, struct sta_info *sta)
hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
HOSTAPD_LEVEL_DEBUG, "start authentication");
sta->eapol_sm = eapol_sm_alloc(hapd, sta);
- if (sta->eapol_sm)
- sta->eapol_sm->portEnabled = TRUE;
+ if (sta->eapol_sm == NULL) {
+ hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
+ HOSTAPD_LEVEL_INFO, "failed to allocate "
+ "state machine");
+ return;
+ }
+
+ sta->eapol_sm->portEnabled = TRUE;
+
+ if (sta->pmksa) {
+ hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
+ HOSTAPD_LEVEL_DEBUG,
+ "PMK from PMKSA cache - skip IEEE 802.1X/EAP");
+ /* Setup EAPOL state machines to already authenticated state
+ * because of existing PMKSA information in the cache. */
+ sta->eapol_sm->keyRun = TRUE;
+ sta->eapol_sm->keyAvailable = TRUE;
+ sta->eapol_sm->auth_pae.state = AUTH_PAE_AUTHENTICATING;
+ sta->eapol_sm->be_auth.state = BE_AUTH_SUCCESS;
+ sta->eapol_sm->authSuccess = TRUE;
+ }
}
diff --git a/hostapd/wpa.c b/hostapd/wpa.c
index a76d1ff..b0e42c2 100644
--- a/hostapd/wpa.c
+++ b/hostapd/wpa.c
@@ -1953,20 +1953,6 @@ void wpa_sm_event(struct hostapd_data *hapd, struct sta_info *sta,
break;
}
- if ((event == WPA_ASSOC || event == WPA_REAUTH) &&
- sta->eapol_sm && sta->pmksa) {
- hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_WPA,
- HOSTAPD_LEVEL_DEBUG,
- "PMK from PMKSA cache - skip IEEE 802.1X/EAP");
- /* Setup EAPOL state machines to already authenticated state
- * because of existing PMKSA information in the cache. */
- sta->eapol_sm->keyRun = TRUE;
- sta->eapol_sm->keyAvailable = TRUE;
- sta->eapol_sm->auth_pae.state = AUTH_PAE_AUTHENTICATING;
- sta->eapol_sm->be_auth.state = BE_AUTH_SUCCESS;
- sta->eapol_sm->authSuccess = TRUE;
- }
-
sm->PTK_valid = FALSE;
memset(&sm->PTK, 0, sizeof(sm->PTK));