aboutsummaryrefslogtreecommitdiffstats
path: root/src/rsn_supp/pmksa_cache.h
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2018-04-08 17:06:40 (GMT)
committerJouni Malinen <j@w1.fi>2018-04-09 16:34:44 (GMT)
commit852b2f2738178f90b95c886176faf75ef301a296 (patch)
tree2e3db7fa4810c374834fcb0f911672f95603bc4c /src/rsn_supp/pmksa_cache.h
parent06b1a1043427778b82374fc63e540a264e12d82d (diff)
downloadhostap-852b2f2738178f90b95c886176faf75ef301a296.zip
hostap-852b2f2738178f90b95c886176faf75ef301a296.tar.gz
hostap-852b2f2738178f90b95c886176faf75ef301a296.tar.bz2
SAE: Only allow SAE AKMP for PMKSA caching attempts
Explicitly check the PMKSA cache entry to have matching SAE AKMP for the case where determining whether to use PMKSA caching instead of new SAE authentication. Previously, only the network context was checked, but a single network configuration profile could be used with both WPA2-PSK and SAE, so should check the AKMP as well. Signed-off-by: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'src/rsn_supp/pmksa_cache.h')
-rw-r--r--src/rsn_supp/pmksa_cache.h8
1 files changed, 5 insertions, 3 deletions
diff --git a/src/rsn_supp/pmksa_cache.h b/src/rsn_supp/pmksa_cache.h
index f9a72a6..626761d 100644
--- a/src/rsn_supp/pmksa_cache.h
+++ b/src/rsn_supp/pmksa_cache.h
@@ -61,7 +61,8 @@ pmksa_cache_init(void (*free_cb)(struct rsn_pmksa_cache_entry *entry,
void pmksa_cache_deinit(struct rsn_pmksa_cache *pmksa);
struct rsn_pmksa_cache_entry * pmksa_cache_get(struct rsn_pmksa_cache *pmksa,
const u8 *aa, const u8 *pmkid,
- const void *network_ctx);
+ const void *network_ctx,
+ int akmp);
int pmksa_cache_list(struct rsn_pmksa_cache *pmksa, char *buf, size_t len);
struct rsn_pmksa_cache_entry * pmksa_cache_head(struct rsn_pmksa_cache *pmksa);
struct rsn_pmksa_cache_entry *
@@ -76,10 +77,11 @@ struct rsn_pmksa_cache_entry * pmksa_cache_get_current(struct wpa_sm *sm);
void pmksa_cache_clear_current(struct wpa_sm *sm);
int pmksa_cache_set_current(struct wpa_sm *sm, const u8 *pmkid,
const u8 *bssid, void *network_ctx,
- int try_opportunistic, const u8 *fils_cache_id);
+ int try_opportunistic, const u8 *fils_cache_id,
+ int akmp);
struct rsn_pmksa_cache_entry *
pmksa_cache_get_opportunistic(struct rsn_pmksa_cache *pmksa,
- void *network_ctx, const u8 *aa);
+ void *network_ctx, const u8 *aa, int akmp);
void pmksa_cache_flush(struct rsn_pmksa_cache *pmksa, void *network_ctx,
const u8 *pmk, size_t pmk_len);