[RFC] Allow the wpa_ie to be updated when reassociating to a different AP

Helmut Schaa helmut.schaa at googlemail.com
Tue Apr 6 03:58:33 EDT 2010


Ping. Any ideas regarding the issue below?

Helmut

On Friday 19 March 2010, Helmut Schaa wrote:
> Allow the wpa_ie to be updated when reassociating to a different AP. This
> fixes issues when reassociating with a new AP we have preauthenticated
> first.
> 
> The association with the first AP sets the appropriate wpa_ie. However,
> when reassociating to a new AP within the same ESS (without prior
> disassociation) wpa_sm_set_assoc_wpa_ie_default generates a correct wpa_ie
> and returns it for use in the reassociation request but does not store it
> in assoc_wpa_ie. Hence, the stored assoc_wpa_ie is still the one from the
> previous association and won't contain the correct PMKID. As a result the
> AP will refuse the second message of the 4-way handshake due to a
> different wpa_ie (compared to the reassoc req).
> 
> Signed-off-by: Helmut Schaa <helmut.schaa at googlemail.com>
> ---
> 
> Since I'm not 100% sure to not create a different issue with this patch I'll
> send it as RFC.
> 
> Jouni, if you want to see a logfile with -ddt for this issue I can reproduce
> this behavior but I don't have the file from yesterday anymore :( and would
> have to set my environment up again. Nevertheless the logfile clearly showed
> that the wpa_ie's used in the reassoc request and in the 2nd message of the
> 4-way handshake were different.
> 
> Helmut
> 
>  src/rsn_supp/wpa.c |   22 ++++++++++------------
>  1 files changed, 10 insertions(+), 12 deletions(-)
> 
> diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c
> index df0688c..3264607 100644
> --- a/src/rsn_supp/wpa.c
> +++ b/src/rsn_supp/wpa.c
> @@ -2225,19 +2225,17 @@ int wpa_sm_set_assoc_wpa_ie_default(struct wpa_sm *sm, u8 *wpa_ie,
>  	wpa_hexdump(MSG_DEBUG, "WPA: Set own WPA IE default",
>  		    wpa_ie, *wpa_ie_len);
>  
> -	if (sm->assoc_wpa_ie == NULL) {
> -		/*
> -		 * Make a copy of the WPA/RSN IE so that 4-Way Handshake gets
> -		 * the correct version of the IE even if PMKSA caching is
> -		 * aborted (which would remove PMKID from IE generation).
> -		 */
> -		sm->assoc_wpa_ie = os_malloc(*wpa_ie_len);
> -		if (sm->assoc_wpa_ie == NULL)
> -			return -1;
> +	/*
> +	 * Make a copy of the WPA/RSN IE so that 4-Way Handshake gets
> +	 * the correct version of the IE even if PMKSA caching is
> +	 * aborted (which would remove PMKID from IE generation).
> +	 */
> +	sm->assoc_wpa_ie = os_malloc(*wpa_ie_len);
> +	if (sm->assoc_wpa_ie == NULL)
> +		return -1;
>  
> -		os_memcpy(sm->assoc_wpa_ie, wpa_ie, *wpa_ie_len);
> -		sm->assoc_wpa_ie_len = *wpa_ie_len;
> -	}
> +	os_memcpy(sm->assoc_wpa_ie, wpa_ie, *wpa_ie_len);
> +	sm->assoc_wpa_ie_len = *wpa_ie_len;
>  
>  	return 0;
>  }
> 
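Review bot: The now unconditional `sm->assoc_wpa_ie = os_malloc(*wpa_ie_len);` overwrites the pointer from the previous association without freeing it, so each reassociation leaks the old IE copy. Call `os_free(sm->assoc_wpa_ie)` before the allocation. On the `return -1` path, `sm->assoc_wpa_ie` is then NULL while `sm->assoc_wpa_ie_len` still holds the old length, so set the length to 0 there as well. The retained comment says the copy exists so that the 4-Way Handshake gets the correct IE even if PMKSA caching is aborted. With the `== NULL` guard removed, please confirm that a later call for the same association (after PMKSA caching is aborted and the PMKID dropped from IE generation) cannot replace the stored IE with one that differs from what was sent in the (re)association request, and update the comment to match the new behaviour.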


