FT: Derive PTK properly for rekeying with FT protocol

Do not try to derive a PMK-R0 and PMK-R1 again for the case where an
association was started with FT protocol and PTK is rekeyed using 4-way
handshake. Instead, use the previously derived PMK-R1 to allow a new PTK
to be derived.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>

diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
index 54ad2a4b892461d6c449fa3f16c4b7a5ef54a2e3..f2e028c1599e847474448e6152606ab149ddaff0 100644 (file)
--- a/src/ap/wpa_auth.c
+++ b/src/ap/wpa_auth.c
@@ -2211,8 +2211,20 @@ static int wpa_derive_ptk(struct wpa_state_machine *sm, const u8 *snonce,
        size_t z_len = 0;
 
 #ifdef CONFIG_IEEE80211R_AP
-       if (wpa_key_mgmt_ft(sm->wpa_key_mgmt))
+       if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) {
+               if (sm->ft_completed) {
+                       u8 ptk_name[WPA_PMK_NAME_LEN];
+
+                       return wpa_pmk_r1_to_ptk(sm->pmk_r1, sm->pmk_r1_len,
+                                                sm->SNonce, sm->ANonce,
+                                                sm->addr, sm->wpa_auth->addr,
+                                                sm->pmk_r1_name,
+                                                ptk, ptk_name,
+                                                sm->wpa_key_mgmt,
+                                                sm->pairwise);
+               }
                return wpa_auth_derive_ptk_ft(sm, ptk);
+       }
 #endif /* CONFIG_IEEE80211R_AP */
 
 #ifdef CONFIG_DPP2