From: Peddolla Harshavardhan Reddy Date: Fri, 13 Jun 2025 17:40:52 +0000 (+0530) Subject: PASN: Reuse existing PTKSA cache keys instead of redoing PASN X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2b996453ff905b41d3e7a9363e8e2d9d75f04671;p=thirdparty%2Fhostap.git PASN: Reuse existing PTKSA cache keys instead of redoing PASN When a successful PASN exchange has already occurred with a peer, the derived keys are stored in the PTKSA cache. If another PASN request is received for the same peer, these cached keys should be reused. However, the cache was previously bypassed due to the incorrect pairwise cipher argument. Ensure the correct parameters are set in advance, from the RSNE data allowing the cache to be used when appropriate. Signed-off-by: Peddolla Harshavardhan Reddy --- diff --git a/wpa_supplicant/pasn_supplicant.c b/wpa_supplicant/pasn_supplicant.c index b290e3013..6399c58bc 100644 --- a/wpa_supplicant/pasn_supplicant.c +++ b/wpa_supplicant/pasn_supplicant.c @@ -360,6 +360,12 @@ static void wpas_pasn_configure_next_peer(struct wpa_supplicant *wpa_s, continue; } + if (wpas_pasn_get_params_from_bss(wpa_s, peer)) { + peer->status = PASN_STATUS_FAILURE; + wpa_s->pasn_count++; + continue; + } + if (wpas_pasn_set_keys_from_cache(wpa_s, peer->own_addr, peer->peer_addr, peer->cipher, @@ -369,12 +375,6 @@ static void wpas_pasn_configure_next_peer(struct wpa_supplicant *wpa_s, continue; } - if (wpas_pasn_get_params_from_bss(wpa_s, peer)) { - peer->status = PASN_STATUS_FAILURE; - wpa_s->pasn_count++; - continue; - } - if (wpas_pasn_auth_start(wpa_s, peer->own_addr, peer->peer_addr, peer->akmp, peer->cipher, peer->group,