SAE: Make sure H2E PT is derived for external auth SSID profile

The driver's SME may choose a BSS of a different ESS (SSID) compared to
the current SSID and trigger external authentication. If the chosen SSID
is not associated/selected before by wpa_supplicant it won't have the
H2E PT derived. Make sure to derive PT for SSID indicated in the
external authentication request.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>

diff --git a/wpa_supplicant/sme.c b/wpa_supplicant/sme.c
index 2dad36ddc7e9970b0403e2a35ba9f2677bd2711b..af761243b4a24bd81ca0fd26d6eb2a41bc0300a2 100644 (file)
--- a/wpa_supplicant/sme.c
+++ b/wpa_supplicant/sme.c
@@ -1136,8 +1136,12 @@ static int sme_handle_external_auth_start(struct wpa_supplicant *wpa_s,
                if (!wpas_network_disabled(wpa_s, ssid) &&
                    ssid_str_len == ssid->ssid_len &&
                    os_memcmp(ssid_str, ssid->ssid, ssid_str_len) == 0 &&
-                   (ssid->key_mgmt & (WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE)))
+                   (ssid->key_mgmt & (WPA_KEY_MGMT_SAE |
+                                      WPA_KEY_MGMT_FT_SAE))) {
+                       /* Make sure PT is derived */
+                       wpa_s_setup_sae_pt(wpa_s->conf, ssid);
                        break;
+               }
        }
        if (!ssid ||
            sme_external_auth_send_sae_commit(wpa_s, data->external_auth.bssid,

diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c
index deb51a721cac3008ed384c407a3598ebc16905a2..4e79402b7c506f3aaa4b62a354207a87276bd163 100644 (file)
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -2257,7 +2257,7 @@ int wpas_update_random_addr_disassoc(struct wpa_supplicant *wpa_s)
 }
 
 
-static void wpa_s_setup_sae_pt(struct wpa_config *conf, struct wpa_ssid *ssid)
+void wpa_s_setup_sae_pt(struct wpa_config *conf, struct wpa_ssid *ssid)
 {
 #ifdef CONFIG_SAE
        int *groups = conf->sae_groups;

diff --git a/wpa_supplicant/wpa_supplicant_i.h b/wpa_supplicant/wpa_supplicant_i.h
index 076081ec811c383be21b5ff0fef93994f0bed664..f027bd64be6f0a18ec5240e816d59986c9fa4646 100644 (file)
--- a/wpa_supplicant/wpa_supplicant_i.h
+++ b/wpa_supplicant/wpa_supplicant_i.h
@@ -1833,6 +1833,7 @@ static inline int wpas_mode_to_ieee80211_mode(enum wpas_mode mode)
 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid);
 int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid);
 int pmf_in_use(struct wpa_supplicant *wpa_s, const u8 *addr);
+void wpa_s_setup_sae_pt(struct wpa_config *conf, struct wpa_ssid *ssid);
 
 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s);