git.ipfire.org Git - thirdparty/hostap.git/commit

author	Rameshkumar Sundaram <quic_ramess@quicinc.com>
	Thu, 3 Apr 2025 06:54:10 +0000 (12:24 +0530)
committer	Jouni Malinen <j@w1.fi>
	Thu, 10 Apr 2025 08:55:15 +0000 (11:55 +0300)
commit	9603a83a1e3f07c4c0705b64e0b5bac27449749d
tree	c3140835140aa0d154201c7dace2c8ef91185e06	tree
parent	88b75669317c87e4a93386e05b888eef9ea2cf55	commit \| diff

AP MLD: Avoid reusing ML wpa state machine for non-ML STA

When a STA tries to associate as an MLD initially but doesn't complete
EAPOL due to some reason and reassociates (with the same MAC address)
as a non-ML STA, EAPOL 2/4 fails during MIC verification.

This is because the wpa_state_machine(sta->wpa_sm) is created when the
STA first associates as an ML STA and sm->mld_assoc_link_id is set. Now
when the STA reassociates in non-ML mode (sends Authentication and
Association Request frames without an MLE) the previous STA instance as
well as its previously created wpa_sm will be reused and hence AP MLD's
MLD MAC address is used as AA to derive PTK.

To fix this, reset the sta->wpa_sm if a non MFP or non authorized STA
tries to reassociate.

Also since now sm object is freed directly (without ap_free_sta()),
reset valid flag and release group references for all links.

Signed-off-by: Rameshkumar Sundaram <quic_ramess@quicinc.com>

src/ap/ieee802_11.c		diff \| blob \| blame \| history
src/ap/sta_info.c		diff \| blob \| blame \| history
src/ap/sta_info.h		diff \| blob \| blame \| history
src/ap/wpa_auth.c		diff \| blob \| blame \| history