From: Sunil Dutt Date: Thu, 25 Mar 2021 14:17:13 +0000 (-0700) Subject: Set last_eapol_matches_bssid=1 on a roam+auth indication from driver X-Git-Tag: hostap_2_10~320 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0bae16122938f4e89ca2b2dce59b895618777872;p=thirdparty%2Fhostap.git Set last_eapol_matches_bssid=1 on a roam+auth indication from driver Commit 3ab35a660364 ("Extend EAPOL frames processing workaround for roaming cases") added a work around to address the issue of EAPOL frame reception after reassociation replied to with an incorrect destination address (the BSSID of the old AP). This is due to association events and EAPOL RX events being reordered for the roaming cases with drivers that perform BSS selection internally. This mechanism relies on the fact that the driver always forwards the EAPOL handshake to wpa_supplicant after the roaming (sets last_eapol_matches_bssid during the EAPOL processing and resets on the assoc/reassoc indication). The above approach does not address the case where the driver does the EAPOL handshake on the roam, indicating the authorized status to wpa_supplicant but also forwards the EAPOL handshake to wpa_supplicant for few other roam attempts. This is because the flag last_eapol_matches_bssid is not set with the roam+authorized event from the driver. Thus, the next reorder of roam and EAPOL RX events would miss this workaround. Address this by setting last_eapol_matches_bssid=1 on a roam+authorized event from the driver. Signed-off-by: Jouni Malinen --- diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c index 5e73ab406..717a5eefb 100644 --- a/wpa_supplicant/events.c +++ b/wpa_supplicant/events.c @@ -4405,6 +4405,8 @@ static void wpa_supplicant_event_assoc_auth(struct wpa_supplicant *wpa_s, wpa_supplicant_event_port_authorized(wpa_s); + wpa_s->last_eapol_matches_bssid = 1; + wpa_sm_set_rx_replay_ctr(wpa_s->wpa, data->assoc_info.key_replay_ctr); wpa_sm_set_ptk_kck_kek(wpa_s->wpa, data->assoc_info.ptk_kck, data->assoc_info.ptk_kck_len,