diff options
author | Jouni Malinen <jouni@qca.qualcomm.com> | 2012-04-10 21:30:46 +0300 |
---|---|---|
committer | Jouni Malinen <j@w1.fi> | 2012-04-10 21:30:46 +0300 |
commit | 31b4961f02f222a5446988cd9f5f7d63acdd0508 (patch) | |
tree | ffd39ebfefbfe457c0b169cc177dd93677f9e2a2 /src | |
parent | d3bd0f057c8550619a19c08a5dc367b09f7b3e85 (diff) | |
download | external_wpa_supplicant_8_ti-31b4961f02f222a5446988cd9f5f7d63acdd0508.zip external_wpa_supplicant_8_ti-31b4961f02f222a5446988cd9f5f7d63acdd0508.tar.gz external_wpa_supplicant_8_ti-31b4961f02f222a5446988cd9f5f7d63acdd0508.tar.bz2 |
Fix EAP/WPS to PSK transition on reassociation in authenticator
A station may move from EAP/WPS key_mgmt to PSK using re-association. In
practice, this can happen most likely with WPS when the station runs
through the provisioning step (EAP/WPS) followed by PSK authentication.
If a deauthentication event is missed from the station for whatever
reason, the EAPOL authenticator state machine could have been left
running.
This can result in various issues, including unexpected disconnection of
the station while both the 4-way handshake and EAPOL authenticator state
machines (EAP) are running at the same time when the supplicant is
trying to use PSK. Fix this by explicitly clearing EAPOL authenticator
state machine on (re)association if the new association does not use it.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
intended-for: hostap-1
Diffstat (limited to 'src')
-rw-r--r-- | src/ap/ieee802_1x.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/src/ap/ieee802_1x.c b/src/ap/ieee802_1x.c index a329777..8a25242 100644 --- a/src/ap/ieee802_1x.c +++ b/src/ap/ieee802_1x.c @@ -861,12 +861,22 @@ void ieee802_1x_new_station(struct hostapd_data *hapd, struct sta_info *sta) if (!force_1x && !hapd->conf->ieee802_1x) { wpa_printf(MSG_DEBUG, "IEEE 802.1X: Ignore STA - " "802.1X not enabled or forced for WPS"); + /* + * Clear any possible EAPOL authenticator state to support + * reassociation change from WPS to PSK. + */ + ieee802_1x_free_station(sta); return; } key_mgmt = wpa_auth_sta_key_mgmt(sta->wpa_sm); if (key_mgmt != -1 && wpa_key_mgmt_wpa_psk(key_mgmt)) { wpa_printf(MSG_DEBUG, "IEEE 802.1X: Ignore STA - using PSK"); + /* + * Clear any possible EAPOL authenticator state to support + * reassociation change from WPA-EAP to PSK. + */ + ieee802_1x_free_station(sta); return; } |