Update AKMP and proto for driver-based SME while roaming

After roaming to a new AP using driver-based SME and roaming trigger,
AKMP and proto were not updated in wpa_sm. Hence, update AKMP and proto
used with roamed AP when association event received from the driver in
SME offloaded to the driver scenario to avoid incorrect AKMP details in
wpa_supplicant similarly to how the cipher suite updates were added in
commit 2b3e64a0fb5f ("Update ciphers to address GTK renewal failures
while roaming") .

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>

diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c
index 6fe3426d0884c4c802c739df7e5947ad88eb84f4..ca366e5904aefb7debe9f9dc80c5737b9f74eb23 100644 (file)
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
@@ -2727,6 +2727,31 @@ static int wpa_supplicant_use_own_rsne_params(struct wpa_supplicant *wpa_s,
                    "WPA: Update cipher suite selection based on IEs in driver-generated WPA/RSNE in AssocReq",
                    p, l);
 
+       sel = ie.key_mgmt;
+       if (ssid->key_mgmt)
+               sel &= ssid->key_mgmt;
+
+       wpa_dbg(wpa_s, MSG_DEBUG,
+               "WPA: AP key_mgmt 0x%x network key_mgmt 0x%x; available key_mgmt 0x%x",
+               ie.key_mgmt, ssid->key_mgmt, sel);
+       if (ie.key_mgmt && !sel) {
+               wpa_supplicant_deauthenticate(
+                       wpa_s, WLAN_REASON_AKMP_NOT_VALID);
+               return -1;
+       }
+
+       wpa_s->wpa_proto = ie.proto;
+       wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, wpa_s->wpa_proto);
+       wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
+                        !!(wpa_s->wpa_proto &
+                           (WPA_PROTO_RSN | WPA_PROTO_OSEN)));
+
+       wpa_s->key_mgmt = ie.key_mgmt;
+       wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
+       wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT %s and proto %d",
+               wpa_key_mgmt_txt(wpa_s->key_mgmt, wpa_s->wpa_proto),
+               wpa_s->wpa_proto);
+
        sel = ie.group_cipher;
        if (ssid->group_cipher)
                sel &= ssid->group_cipher;