From: Srinivas Dasari <dasaris@codeaurora.org>
Date: Thu, 10 May 2018 10:13:28 +0000 (+0530)
Subject: SAE: Flush PMKSA if an assoc reject without timeout is received
X-Git-Tag: hostap_2_7~343
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d109aa6cacf2c3f643de0c758a30b0daf936a67a;p=thirdparty%2Fhostap.git

SAE: Flush PMKSA if an assoc reject without timeout is received

Flush the PMKSA upon receiving association reject event without timeout
in the event data in SME-in-driver case to avoid trying to use the old
PMKSA entry in subsequent connection attempts. Do not flush PMKSA if
association reject is received with timeout as it is generated
internally from the driver without reaching the AP. This is similar to
the SME-in-wpa_supplicant case that was already addressed within
sme_event_assoc_reject().

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
---

diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c
index 1fd5116d9..9400090cf 100644
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
@@ -4116,6 +4116,18 @@ void wpa_supplicant_event(void *ctx, enum wpa_event_type event,
 		else {
 			const u8 *bssid = data->assoc_reject.bssid;
 
+#ifdef CONFIG_SAE
+		if (wpa_s->current_ssid &&
+		    wpa_key_mgmt_sae(wpa_s->current_ssid->key_mgmt) &&
+		    !data->assoc_reject.timed_out) {
+			wpa_dbg(wpa_s, MSG_DEBUG,
+				"SAE: Drop PMKSA cache entry");
+			wpa_sm_aborted_cached(wpa_s->wpa);
+			wpa_sm_pmksa_cache_flush(wpa_s->wpa,
+						 wpa_s->current_ssid);
+		}
+#endif /* CONFIG_SAE */
+
 #ifdef CONFIG_FILS
 			/* Update ERP next sequence number */
 			if (wpa_s->auth_alg == WPA_AUTH_ALG_FILS)