SAE: Reject request with mismatching PMKID (no PMKSA cache entry)

Reject SAE association request when PMKID is included in the RSNE, but
the corresponding PMKSA is not available in the AP.

Signed-off-by: Ashok Ponnaiah <aponnaia@codeaurora.org>

diff --git a/src/ap/wpa_auth_ie.c b/src/ap/wpa_auth_ie.c
index c394293e8eb7b47960350b53d58e1d4b8c28e602..b80c19c2f8311d29822621a56e1cc20651b12144 100644 (file)
--- a/src/ap/wpa_auth_ie.c
+++ b/src/ap/wpa_auth_ie.c
@@ -827,6 +827,15 @@ int wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth,
                os_memcpy(wpa_auth->dot11RSNAPMKIDUsed, pmkid, PMKID_LEN);
        }
 
+#ifdef CONFIG_SAE
+       if (sm->wpa_key_mgmt == WPA_KEY_MGMT_SAE && data.num_pmkid &&
+           !sm->pmksa) {
+               wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG,
+                                "No PMKSA cache entry found for SAE");
+               return WPA_INVALID_PMKID;
+       }
+#endif /* CONFIG_SAE */
+
 #ifdef CONFIG_DPP
        if (sm->wpa_key_mgmt == WPA_KEY_MGMT_DPP && !sm->pmksa) {
                wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG,