This implements the FILS Extended Key ID support in wpa_supplicant compatible to our implementation for hostapd: When supporting Extended Key ID the KeyID for the pairwise key id must be also in the FILS handshake. Signed-off-by: Alexander Wetzel <alexander@xxxxxxxxxxxxxx> --- src/rsn_supp/wpa.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c index de463cba6..22ed47799 100644 --- a/src/rsn_supp/wpa.c +++ b/src/rsn_supp/wpa.c @@ -4563,11 +4563,16 @@ int fils_process_assoc_resp(struct wpa_sm *sm, const u8 *resp, size_t len) keylen, (long unsigned int) sm->ptk.tk_len); goto fail; } + + if (handle_extended_key_id(sm, &kde, + elems.rsn_ie - 2, elems.rsn_ie_len + 2)) + goto fail; + rsclen = wpa_cipher_rsc_len(sm->pairwise_cipher); wpa_hexdump_key(MSG_DEBUG, "FILS: Set TK to driver", sm->ptk.tk, keylen); - if (wpa_sm_set_key(sm, alg, sm->bssid, 0, 1, null_rsc, rsclen, - sm->ptk.tk, keylen, KEY_TYPE_PAIRWISE) < 0) { + if (wpa_sm_set_key(sm, alg, sm->bssid, sm->keyidx_active, 1, null_rsc, + rsclen, sm->ptk.tk, keylen, KEY_TYPE_PAIRWISE) < 0) { wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, "FILS: Failed to set PTK to the driver (alg=%d keylen=%d bssid=" MACSTR ")", -- 2.23.0 _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap