Home Explore Help
Register Sign In
wareck
/
krackattacks
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

FILS: Extend wpa_auth_pmksa_get() to support PMKID matching

This is needed for FILS processing to enable PMKSA caching.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen 9 years ago
parent
c30bd28b14
commit
c1bd4bac5f
4 changed files with 8 additions and 6 deletions
Split View Show Diff Stats
  1. 3 2
      src/ap/wpa_auth.c
  2. 2 1
      src/ap/wpa_auth.h
  3. 1 1
      wpa_supplicant/mesh_mpm.c
  4. 2 2
      wpa_supplicant/mesh_rsn.c

+ 3 - 2
src/ap/wpa_auth.c
View File 

@@ -3518,11 +3518,12 @@ void wpa_auth_pmksa_flush(struct wpa_authenticator *wpa_auth)
 
 
 
 struct rsn_pmksa_cache_entry *
 
-wpa_auth_pmksa_get(struct wpa_authenticator *wpa_auth, const u8 *sta_addr)
 
+wpa_auth_pmksa_get(struct wpa_authenticator *wpa_auth, const u8 *sta_addr,
 
+		   const u8 *pmkid)
 
 {
 
 	if (!wpa_auth || !wpa_auth->pmksa)
 
 		return NULL;
 
-	return pmksa_cache_auth_get(wpa_auth->pmksa, sta_addr, NULL);
 
+	return pmksa_cache_auth_get(wpa_auth->pmksa, sta_addr, pmkid);
 
 }

+ 2 - 1
src/ap/wpa_auth.h
View File 

@@ -303,7 +303,8 @@ int wpa_auth_pmksa_list(struct wpa_authenticator *wpa_auth, char *buf,
 
 			size_t len);
 
 void wpa_auth_pmksa_flush(struct wpa_authenticator *wpa_auth);
 
 struct rsn_pmksa_cache_entry *
 
-wpa_auth_pmksa_get(struct wpa_authenticator *wpa_auth, const u8 *sta_addr);
 
+wpa_auth_pmksa_get(struct wpa_authenticator *wpa_auth, const u8 *sta_addr,
 
+		   const u8 *pmkid);
 
 void wpa_auth_pmksa_set_to_sm(struct rsn_pmksa_cache_entry *pmksa,
 
 			      struct wpa_state_machine *sm,
 
 			      struct wpa_authenticator *wpa_auth,

+ 1 - 1
wpa_supplicant/mesh_mpm.c
View File 

@@ -1135,7 +1135,7 @@ void mesh_mpm_action_rx(struct wpa_supplicant *wpa_s,
 
 	 */
 
 	if (!sta && action_field == PLINK_OPEN &&
 
 	    (!(mconf->security & MESH_CONF_SEC_AMPE) ||
 
-	     wpa_auth_pmksa_get(hapd->wpa_auth, mgmt->sa)))
 
+	     wpa_auth_pmksa_get(hapd->wpa_auth, mgmt->sa, NULL)))
 
 		sta = mesh_mpm_add_peer(wpa_s, mgmt->sa, &elems);
 
 
 	if (!sta) {

+ 2 - 2
wpa_supplicant/mesh_rsn.c
View File 

@@ -333,7 +333,7 @@ int mesh_rsn_auth_sae_sta(struct wpa_supplicant *wpa_s,
 
 			return -1;
 
 	}
 
 
-	pmksa = wpa_auth_pmksa_get(hapd->wpa_auth, sta->addr);
 
+	pmksa = wpa_auth_pmksa_get(hapd->wpa_auth, sta->addr, NULL);
 
 	if (pmksa) {
 
 		if (!sta->wpa_sm)
 
 			sta->wpa_sm = wpa_auth_sta_init(hapd->wpa_auth,
 
@@ -611,7 +611,7 @@ int mesh_rsn_process_ampe(struct wpa_supplicant *wpa_s, struct sta_info *sta,
 
 	if (!sta->sae) {
 
 		struct hostapd_data *hapd = wpa_s->ifmsh->bss[0];
 
 
-		if (!wpa_auth_pmksa_get(hapd->wpa_auth, sta->addr)) {
 
+		if (!wpa_auth_pmksa_get(hapd->wpa_auth, sta->addr, NULL)) {
 
 			wpa_printf(MSG_INFO,
 
 				   "Mesh RSN: SAE is not prepared yet");
 
 			return -1;