FILS: Fix BSSID in reassociation case

The RSN supplicant implementation needs to be updated to use the new
BSSID whenever doing FILS authentication. Previously, this was only done
when notifying association and that was too late for the case of
reassociation. Fix this by providing the new BSSID when calling
fils_process_auth(). This makes PTK derivation use the correct BSSID.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c
index 1349873385dfcadcaa33bd3e475af8c0b51690ef..4210ea7eba033cb69b32c492c2daf5618377a643 100644 (file)
--- a/src/rsn_supp/wpa.c
+++ b/src/rsn_supp/wpa.c
@@ -3328,7 +3328,8 @@ fail:
 }
 
 
-int fils_process_auth(struct wpa_sm *sm, const u8 *data, size_t len)
+int fils_process_auth(struct wpa_sm *sm, const u8 *bssid, const u8 *data,
+                     size_t len)
 {
        const u8 *pos, *end;
        struct ieee802_11_elems elems;
@@ -3338,6 +3339,8 @@ int fils_process_auth(struct wpa_sm *sm, const u8 *data, size_t len)
        size_t ick_len;
        int res;
 
+       os_memcpy(sm->bssid, bssid, ETH_ALEN);
+
        wpa_hexdump(MSG_DEBUG, "FILS: Authentication frame fields",
                    data, len);
        pos = data;

diff --git a/src/rsn_supp/wpa.h b/src/rsn_supp/wpa.h
index bde8c78c57b6a44d6e52c2c6005bd1f1765074fa..98162c1bfdbcfbea09a31b85557d0214b2d82594 100644 (file)
--- a/src/rsn_supp/wpa.h
+++ b/src/rsn_supp/wpa.h
@@ -435,7 +435,8 @@ int wpa_wnmsleep_install_key(struct wpa_sm *sm, u8 subelem_id, u8 *buf);
 void wpa_sm_set_test_assoc_ie(struct wpa_sm *sm, struct wpabuf *buf);
 
 struct wpabuf * fils_build_auth(struct wpa_sm *sm);
-int fils_process_auth(struct wpa_sm *sm, const u8 *data, size_t len);
+int fils_process_auth(struct wpa_sm *sm, const u8 *bssid, const u8 *data,
+                     size_t len);
 struct wpabuf * fils_build_assoc_req(struct wpa_sm *sm, const u8 **kek,
                                     size_t *kek_len, const u8 **snonce,
                                     const u8 **anonce,

diff --git a/wpa_supplicant/sme.c b/wpa_supplicant/sme.c
index beb9d6e21502a5ce6bcc9d76b85dc0669df52cce..cf16bf7c5f5598222f012f57ac3e043cb14b19df 100644 (file)
--- a/wpa_supplicant/sme.c
+++ b/wpa_supplicant/sme.c
@@ -960,8 +960,8 @@ void sme_event_auth(struct wpa_supplicant *wpa_s, union wpa_event_data *data)
 
 #ifdef CONFIG_FILS
        if (data->auth.auth_type == WLAN_AUTH_FILS_SK) {
-               if (fils_process_auth(wpa_s->wpa, data->auth.ies,
-                                     data->auth.ies_len) < 0) {
+               if (fils_process_auth(wpa_s->wpa, wpa_s->pending_bssid,
+                                     data->auth.ies, data->auth.ies_len) < 0) {
                        wpa_dbg(wpa_s, MSG_DEBUG,
                                "SME: FILS Authentication response processing failed");
                        wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_DISCONNECTED "bssid="