Fix status code in SAE/DPP association PMKID mismatch (driver-AP-SME)

wpa_validate_wpa_ie() was already extended to cover these cases with
WPA_INVALID_PMKID return value, but hostapd_notif_assoc() did not have
code for mapping this into the appropriate status code
(STATUS_INVALID_PMKID) and ended up using the default
(WLAN_STATUS_INVALID_IE) instead. This caused AP SME-in-driver cases
returning incorrect status code when the AP did not have a matching
PMKSA cache entry. This could result in unexpected station behavior
where the station could continue trying to use a PMKSA cache entry that
the AP does not have and not being able to recover this.

Fix this by adding the previously missed mapping of validation errors to
status/reason codes.

Fixes: 567da5bbd027 ("DPP: Add new AKM")
Fixes: 458d8984de1d ("SAE: Reject request with mismatching PMKID (no PMKSA cache entry)")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>

diff --git a/src/ap/drv_callbacks.c b/src/ap/drv_callbacks.c
index 3198bd563b0c572893a507a5e0e7532062eae207..e5ce76d1136851289767a23bfa1bc0d4b7b719d1 100644 (file)
--- a/src/ap/drv_callbacks.c
+++ b/src/ap/drv_callbacks.c
@@ -344,6 +344,9 @@ int hostapd_notif_assoc(struct hostapd_data *hapd, const u8 *addr,
                        } else if (res == WPA_INVALID_MGMT_GROUP_CIPHER) {
                                reason = WLAN_REASON_CIPHER_SUITE_REJECTED;
                                status = WLAN_STATUS_CIPHER_REJECTED_PER_POLICY;
+                       } else if (res == WPA_INVALID_PMKID) {
+                               reason = WLAN_REASON_INVALID_PMKID;
+                               status = WLAN_STATUS_INVALID_PMKID;
                        } else {
                                reason = WLAN_REASON_INVALID_IE;
                                status = WLAN_STATUS_INVALID_IE;