Currently, PMK parameters in the WPA state machine are set from
configuration only when the interface is initialized.
If those parameters are changed later (for example, via D-Bus) and
then a new association starts, the new values will not have effect.
Update the parameters also before a new association.
Signed-off-by: Beniamino Galvani <bgalvani@xxxxxxxxxx>
---
wpa_supplicant/wpa_supplicant.c | 55 ++++++++++++++++++++-------------
1 file changed, 33 insertions(+), 22 deletions(-)
diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c
index 5111297dc..324983674 100644
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -2208,6 +2208,35 @@ int wpas_restore_permanent_mac_addr(struct wpa_supplicant *wpa_s)
}
+static int wpa_supplicant_init_wpa_sm_pmk_params(struct wpa_supplicant *wpa_s)
+{
+ if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
+ wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
+ wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
+ wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
+ "dot11RSNAConfigPMKLifetime");
+ return -1;
+ }
+
+ if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
+ wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
+ wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
+ wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
+ "dot11RSNAConfigPMKReauthThreshold");
+ return -1;
+ }
+
+ if (wpa_s->conf->dot11RSNAConfigSATimeout &&
+ wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
+ wpa_s->conf->dot11RSNAConfigSATimeout)) {
+ wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
+ "dot11RSNAConfigSATimeout");
+ return -1;
+ }
+
+ return 0;
+}
+
static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
/**
@@ -2340,6 +2369,9 @@ void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
*/
wpa_supplicant_rsn_supp_set_config(wpa_s, ssid);
+ if (wpa_supplicant_init_wpa_sm_pmk_params(wpa_s))
+ return;
+
#ifdef CONFIG_DPP
if (wpas_dpp_check_connect(wpa_s, ssid, bss) != 0)
return;
@@ -6688,29 +6720,8 @@ static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
NULL);
wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
- if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
- wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
- wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
- wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
- "dot11RSNAConfigPMKLifetime");
- return -1;
- }
-
- if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
- wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
- wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
- wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
- "dot11RSNAConfigPMKReauthThreshold");
- return -1;
- }
-
- if (wpa_s->conf->dot11RSNAConfigSATimeout &&
- wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
- wpa_s->conf->dot11RSNAConfigSATimeout)) {
- wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
- "dot11RSNAConfigSATimeout");
+ if (wpa_supplicant_init_wpa_sm_pmk_params(wpa_s))
return -1;
- }
wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
&wpa_s->hw.num_modes,
--
2.36.1
_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap
