SAE: Flush PMKSA if an assoc reject without timeout is received

Flush the PMKSA upon receiving association reject event without timeout
in the event data in SME-in-driver case to avoid trying to use the old
PMKSA entry in subsequent connection attempts. Do not flush PMKSA if
association reject is received with timeout as it is generated
internally from the driver without reaching the AP. This is similar to
the SME-in-wpa_supplicant case that was already addressed within
sme_event_assoc_reject().

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>

diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c
index 1fd5116d9a7820d224c1d708d0b5f2576a799353..9400090cf26fe4f362f0ec914c6b4d5457a396c5 100644 (file)
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
@@ -4116,6 +4116,18 @@ void wpa_supplicant_event(void *ctx, enum wpa_event_type event,
                else {
                        const u8 *bssid = data->assoc_reject.bssid;
 
+#ifdef CONFIG_SAE
+               if (wpa_s->current_ssid &&
+                   wpa_key_mgmt_sae(wpa_s->current_ssid->key_mgmt) &&
+                   !data->assoc_reject.timed_out) {
+                       wpa_dbg(wpa_s, MSG_DEBUG,
+                               "SAE: Drop PMKSA cache entry");
+                       wpa_sm_aborted_cached(wpa_s->wpa);
+                       wpa_sm_pmksa_cache_flush(wpa_s->wpa,
+                                                wpa_s->current_ssid);
+               }
+#endif /* CONFIG_SAE */
+
 #ifdef CONFIG_FILS
                        /* Update ERP next sequence number */
                        if (wpa_s->auth_alg == WPA_AUTH_ALG_FILS)