FT: Update key mgmt properly in RSNE during roaming

When STA is performing roam from WPA3 AP to WPA2 AP, the STA was
including key mgmt FT-SAE instead of FT-PSK in FT Authentication request
RSNE when using driver-based SME. This is because the RSNE/MDE/FTE were
updated and forwarded to the driver using the NL80211_CMD_UPDATE_FT_IES
command before updating key mgmt properly. Because of this, the AP is
rejecting FT Authentication request with WLAN_REASON_UNSPECIFIED reason
code which is due to the invalid keymgmt in RSNE.

Fix this by reordering IE population to happen earlier in the sequence
so that the updated key mgmt information can be provided when using
NL80211_CMD_UPDATE_FT_IES.

Signed-off-by: Shiva Sankar Gajula <sgajula@codeaurora.org>

diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c
index fc0574e037b1d362ac44909b89a01de0dae2460b..c3e747260ffe7ea4e5f3a4bebe63e256b7b6cb95 100644 (file)
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -3487,6 +3487,20 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
        os_memset(&params, 0, sizeof(params));
        wpa_s->reassociate = 0;
        wpa_s->eap_expected_failure = 0;
+
+       /* Starting new association, so clear the possibly used WPA IE from the
+        * previous association. */
+       wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
+       wpa_sm_set_assoc_rsnxe(wpa_s->wpa, NULL, 0);
+       wpa_s->rsnxe_len = 0;
+       wpa_s->mscs_setup_done = false;
+
+       wpa_ie = wpas_populate_assoc_ies(wpa_s, bss, ssid, &params, NULL);
+       if (!wpa_ie) {
+               wpas_connect_work_done(wpa_s);
+               return;
+       }
+
        if (bss &&
            (!wpas_driver_bss_selection(wpa_s) || wpas_wps_searching(wpa_s))) {
 #ifdef CONFIG_IEEE80211R
@@ -3535,19 +3549,6 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
 
        wpa_supplicant_cancel_scan(wpa_s);
 
-       /* Starting new association, so clear the possibly used WPA IE from the
-        * previous association. */
-       wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
-       wpa_sm_set_assoc_rsnxe(wpa_s->wpa, NULL, 0);
-       wpa_s->rsnxe_len = 0;
-       wpa_s->mscs_setup_done = false;
-
-       wpa_ie = wpas_populate_assoc_ies(wpa_s, bss, ssid, &params, NULL);
-       if (!wpa_ie) {
-               wpas_connect_work_done(wpa_s);
-               return;
-       }
-
        wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
        use_crypt = 1;
        cipher_pairwise = wpa_s->pairwise_cipher;