diff options
| author | Jouni Malinen <j@w1.fi> | 2016-04-05 15:36:28 (GMT) |
|---|---|---|
| committer | Jouni Malinen <j@w1.fi> | 2016-04-05 15:36:28 (GMT) |
| commit | 00e2eb3b7cee08e941f6f6c6cabffbab6f646e41 (patch) | |
| tree | 55c209803550ae3ad7d16613482b214a97d4eb89 | |
| parent | 41ba40e74d3301e474e25014d3c2aa124fc59ab9 (diff) | |
| download | hostap-00e2eb3b7cee08e941f6f6c6cabffbab6f646e41.zip hostap-00e2eb3b7cee08e941f6f6c6cabffbab6f646e41.tar.gz hostap-00e2eb3b7cee08e941f6f6c6cabffbab6f646e41.tar.bz2 | |
RSN: Set EAPOL-Key Request Secure bit to 1 if PTK is set
The Secure bit in the Key Information field of EAPOL-Key frames is
supposed to be set to 1 when there is a security association. This was
done for other frames, but not for the EAPOL-Key Request frame where
supplicant is requesting a new PTK to be derived (either due to Michael
MIC failure report Error=1 or for other reasons with Error=0). In
practice, EAPOL-Key Request frame is only sent when there is a PTK in
place, so all such frames should have Secure=1.
Signed-off-by: Jouni Malinen <j@w1.fi>
| -rw-r--r-- | src/rsn_supp/wpa.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c index e850119..3c47879 100644 --- a/src/rsn_supp/wpa.c +++ b/src/rsn_supp/wpa.c @@ -131,7 +131,7 @@ void wpa_sm_key_request(struct wpa_sm *sm, int error, int pairwise) EAPOL_KEY_TYPE_RSN : EAPOL_KEY_TYPE_WPA; key_info = WPA_KEY_INFO_REQUEST | ver; if (sm->ptk_set) - key_info |= WPA_KEY_INFO_MIC; + key_info |= WPA_KEY_INFO_MIC | WPA_KEY_INFO_SECURE; if (error) key_info |= WPA_KEY_INFO_ERROR; if (pairwise) |