aboutsummaryrefslogtreecommitdiffstats
path: root/src/rsn_supp
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2016-04-05 15:36:28 (GMT)
committerJouni Malinen <j@w1.fi>2016-04-05 15:36:28 (GMT)
commit00e2eb3b7cee08e941f6f6c6cabffbab6f646e41 (patch)
tree55c209803550ae3ad7d16613482b214a97d4eb89 /src/rsn_supp
parent41ba40e74d3301e474e25014d3c2aa124fc59ab9 (diff)
downloadhostap-00e2eb3b7cee08e941f6f6c6cabffbab6f646e41.zip
hostap-00e2eb3b7cee08e941f6f6c6cabffbab6f646e41.tar.gz
hostap-00e2eb3b7cee08e941f6f6c6cabffbab6f646e41.tar.bz2
RSN: Set EAPOL-Key Request Secure bit to 1 if PTK is set
The Secure bit in the Key Information field of EAPOL-Key frames is supposed to be set to 1 when there is a security association. This was done for other frames, but not for the EAPOL-Key Request frame where supplicant is requesting a new PTK to be derived (either due to Michael MIC failure report Error=1 or for other reasons with Error=0). In practice, EAPOL-Key Request frame is only sent when there is a PTK in place, so all such frames should have Secure=1. Signed-off-by: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'src/rsn_supp')
-rw-r--r--src/rsn_supp/wpa.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c
index e850119..3c47879 100644
--- a/src/rsn_supp/wpa.c
+++ b/src/rsn_supp/wpa.c
@@ -131,7 +131,7 @@ void wpa_sm_key_request(struct wpa_sm *sm, int error, int pairwise)
EAPOL_KEY_TYPE_RSN : EAPOL_KEY_TYPE_WPA;
key_info = WPA_KEY_INFO_REQUEST | ver;
if (sm->ptk_set)
- key_info |= WPA_KEY_INFO_MIC;
+ key_info |= WPA_KEY_INFO_MIC | WPA_KEY_INFO_SECURE;
if (error)
key_info |= WPA_KEY_INFO_ERROR;
if (pairwise)