From d109aa6cacf2c3f643de0c758a30b0daf936a67a Mon Sep 17 00:00:00 2001
From: Srinivas Dasari <dasaris@codeaurora.org>
Date: Thu, 10 May 2018 15:43:28 +0530
Subject: [PATCH] SAE: Flush PMKSA if an assoc reject without timeout is
 received

Flush the PMKSA upon receiving association reject event without timeout
in the event data in SME-in-driver case to avoid trying to use the old
PMKSA entry in subsequent connection attempts. Do not flush PMKSA if
association reject is received with timeout as it is generated
internally from the driver without reaching the AP. This is similar to
the SME-in-wpa_supplicant case that was already addressed within
sme_event_assoc_reject().

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
---
 wpa_supplicant/events.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c
index 1fd5116d9..9400090cf 100644
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
@@ -4116,6 +4116,18 @@ void wpa_supplicant_event(void *ctx, enum wpa_event_type event,
 		else {
 			const u8 *bssid = data->assoc_reject.bssid;
 
+#ifdef CONFIG_SAE
+		if (wpa_s->current_ssid &&
+		    wpa_key_mgmt_sae(wpa_s->current_ssid->key_mgmt) &&
+		    !data->assoc_reject.timed_out) {
+			wpa_dbg(wpa_s, MSG_DEBUG,
+				"SAE: Drop PMKSA cache entry");
+			wpa_sm_aborted_cached(wpa_s->wpa);
+			wpa_sm_pmksa_cache_flush(wpa_s->wpa,
+						 wpa_s->current_ssid);
+		}
+#endif /* CONFIG_SAE */
+
 #ifdef CONFIG_FILS
 			/* Update ERP next sequence number */
 			if (wpa_s->auth_alg == WPA_AUTH_ALG_FILS)
-- 
2.47.3