Avoid Diffie-Hellman Element inclusion in Association Response frame from AP in case of PMKSA caching. As per RFC 8110 - Opportunistic Wireless Encryption, if the AP has the PMK identified by the PMKID and wishes to perform "PMK caching", he will include the PMKID in his 802.11 association response but does not include a Diffie-Hellman Parameter element.
Signed-off-by: Chittur Subramanian Raman <craman@xxxxxxxxxxxxx>
---
src/ap/ieee802_11.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
index b91640070..c98e77103 100644
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -3890,7 +3890,8 @@ rsnxe_done:
#ifdef CONFIG_OWE
if ((hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_OWE) &&
sta && sta->owe_ecdh && status_code == WLAN_STATUS_SUCCESS &&
- wpa_auth_sta_key_mgmt(sta->wpa_sm) == WPA_KEY_MGMT_OWE) {
+ wpa_auth_sta_key_mgmt(sta->wpa_sm) == WPA_KEY_MGMT_OWE &&
+ !wpa_auth_sta_get_pmksa(sta->wpa_sm)) {
struct wpabuf *pub;
pub = crypto_ecdh_get_pubkey(sta->owe_ecdh, 0);
--
2.11.0
Attachment:
0001-Avoid-Diffie-Hellman-Element-inclusion-in-Associatio.patch
Description: 0001-Avoid-Diffie-Hellman-Element-inclusion-in-Associatio.patch
_______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap
