FILS: Set pairwise_set when configuring TK after association

sm->pairwise_set needs to be set whenever the TK has been configured to
the driver to request following EAPOL frames to be encrypted (or more
specifically, not to request them to not be encrypted). The FILS case
missed this setting and that could result in rekeying or
reauthentication in an associated started with FILS not working
correctly.

Fixes: da24c5aa1c47 ("FILS: Set TK after association (AP)")
Signed-off-by: Jouni Malinen <j@w1.fi>

diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
index 0cf603c109a17cf6d04551cc9ca5c5b704d1bdd6..f817c4a7e6637d06d429e322ce4f47cbdc2cfea4 100644 (file)
--- a/src/ap/wpa_auth.c
+++ b/src/ap/wpa_auth.c
@@ -2883,6 +2883,7 @@ int fils_set_tk(struct wpa_state_machine *sm)
                wpa_printf(MSG_DEBUG, "FILS: Failed to set TK to the driver");
                return -1;
        }
+       sm->pairwise_set = true;
        sm->tk_already_set = true;
 
        wpa_auth_store_ptksa(sm->wpa_auth, sm->addr, sm->pairwise,