Commit
83935317a78fb4157eb6e5134527b9311dbf7b8c added forced
disconnection in case of 4-way handshake failures. However, it should
not have changed the case where the supplicant is requesting fallback
to full EAP authentication if the PMKID in EAPOL-Key message 1/4 is
not know. This case needs to send an EAPOL-Start frame instead of
EAPOL-Key message 2/4.
This works around a problem with APs that try to force PMKSA caching
even when the client does not include PMKID in (re)association request
frame to request it. [Bug 355]
Change-Id: Ib0175ccddbc961583b2662abc1e21c95927b084a
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
wpa_sm_ether_send(sm, sm->bssid, ETH_P_EAPOL,
buf, buflen);
os_free(buf);
+ return -2;
}
return -1;
struct wpa_eapol_ie_parse ie;
struct wpa_ptk *ptk;
u8 buf[8];
+ int res;
if (wpa_sm_get_network_ctx(sm) == NULL) {
wpa_printf(MSG_WARNING, "WPA: No SSID info found (msg 1 of "
}
#endif /* CONFIG_NO_WPA2 */
- if (wpa_supplicant_get_pmk(sm, src_addr, ie.pmkid))
+ res = wpa_supplicant_get_pmk(sm, src_addr, ie.pmkid);
+ if (res == -2) {
+ wpa_printf(MSG_DEBUG, "RSN: Do not reply to msg 1/4 - "
+ "requesting full EAP authentication");
+ return;
+ }
+ if (res)
goto failed;
if (sm->renew_snonce) {