[PATCH] Avoid Diffie-Hellman Element inclusion in Association

[Chittur Subramanian Raman]

Avoid Diffie-Hellman Element inclusion in Association Response frame from AP in case of PMKSA caching. As per RFC 8110 -  Opportunistic Wireless Encryption, if the AP has the PMK identified by the PMKID and wishes to perform "PMK caching", he will include the PMKID in his 802.11 association response but does not include a Diffie-Hellman Parameter element.

Signed-off-by: Chittur Subramanian Raman <craman at maxlinear.com>
---
src/ap/ieee802_11.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
index b91640070..c98e77103 100644
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -3890,7 +3890,8 @@ rsnxe_done:
#ifdef CONFIG_OWE
             if ((hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_OWE) &&
                 sta && sta->owe_ecdh && status_code == WLAN_STATUS_SUCCESS &&
-                 wpa_auth_sta_key_mgmt(sta->wpa_sm) == WPA_KEY_MGMT_OWE) {
+                wpa_auth_sta_key_mgmt(sta->wpa_sm) == WPA_KEY_MGMT_OWE &&
+                !wpa_auth_sta_get_pmksa(sta->wpa_sm)) {
                            struct wpabuf *pub;

                             pub = crypto_ecdh_get_pubkey(sta->owe_ecdh, 0);
-- 
2.11.0


-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Avoid-Diffie-Hellman-Element-inclusion-in-Associatio.patch
Type: application/octet-stream
Size: 1269 bytes
Desc: 0001-Avoid-Diffie-Hellman-Element-inclusion-in-Associatio.patch
URL: <http://lists.infradead.org/pipermail/hostap/attachments/20200820/deb768a5/attachment-0001.obj>