FT: Fix FTIE generation for EAPOL-Key msg 3/4

This FTIE needs to be an exact copy of the one in (Re)Association
Response frame. Copy the stored element rather than building a new copy
that would not have the correct MIC value. This is needed to fix PTK
rekeying after FT protocol run.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
index f70816598489fdba254992fac06393a8d97ac4c6..9b2382f338a3bf1feace2089a67f853554deae82 100644 (file)
--- a/src/ap/wpa_auth.c
+++ b/src/ap/wpa_auth.c
@@ -2328,10 +2328,18 @@ SM_STATE(WPA_PTK, PTKINITNEGOTIATING)
                struct wpa_auth_config *conf;
 
                conf = &sm->wpa_auth->conf;
-               res = wpa_write_ftie(conf, conf->r0_key_holder,
-                                    conf->r0_key_holder_len,
-                                    NULL, NULL, pos, kde + kde_len - pos,
-                                    NULL, 0);
+               if (sm->assoc_resp_ftie &&
+                   kde + kde_len - pos >= 2 + sm->assoc_resp_ftie[1]) {
+                       os_memcpy(pos, sm->assoc_resp_ftie,
+                                 2 + sm->assoc_resp_ftie[1]);
+                       res = 2 + sm->assoc_resp_ftie[1];
+               } else {
+                       res = wpa_write_ftie(conf, conf->r0_key_holder,
+                                            conf->r0_key_holder_len,
+                                            NULL, NULL, pos,
+                                            kde + kde_len - pos,
+                                            NULL, 0);
+               }
                if (res < 0) {
                        wpa_printf(MSG_ERROR, "FT: Failed to insert FTIE "
                                   "into EAPOL-Key Key Data");