[PATCH] FT: disable PMKSA cache for FT-IEEE8021X
Hong Wu
Hong.Wu
Mon Jun 27 13:14:26 PDT 2011
wpa_supplicant uses XXKEY instead of PMK to derive PMK-R0 and PMK-R1 for
FT-IEEE8021X key mgmt.
Signed-off-by: Hong Wu <hong.wu at dspg.com>
---
src/rsn_supp/wpa.c | 6 ++++--
1 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c
index 01a46dc..92556de
--- a/src/rsn_supp/wpa.c
+++ b/src/rsn_supp/wpa.c
@@ -198,7 +198,8 @@ static int wpa_supplicant_get_pmk(struct wpa_sm *sm,
wpa_hexdump_key(MSG_DEBUG, "WPA: PMK from EAPOL state
"
"machines", sm->pmk, pmk_len);
sm->pmk_len = pmk_len;
- if (sm->proto == WPA_PROTO_RSN) {
+ if (sm->proto == WPA_PROTO_RSN &&
+ !wpa_key_mgmt_ft(sm->key_mgmt)) {
pmksa_cache_add(sm->pmksa, sm->pmk, pmk_len,
src_addr, sm->own_addr,
sm->network_ctx, sm->key_mgmt);
@@ -227,7 +228,8 @@ static int wpa_supplicant_get_pmk(struct wpa_sm *sm,
}
}
- if (abort_cached && wpa_key_mgmt_wpa_ieee8021x(sm->key_mgmt)) {
+ if (abort_cached && wpa_key_mgmt_wpa_ieee8021x(sm->key_mgmt) &&
+ !wpa_key_mgmt_ft(sm->key_mgmt)) {
/* Send EAPOL-Start to trigger full EAP authentication. */
u8 *buf;
size_t buflen;
--
1.7.0.4
______________________________________________________________________
DSP Group, Inc. automatically scans all emails and attachments using MessageLabs Email Security System.
_____________________________________________________________________
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/hostap/attachments/20110627/65991ba0/attachment.htm
More information about the Hostap
mailing list