FT: Store PTKSA from FT protocol

PTKSA was stored for the 4-way handshake and FILS cases, but not when it
was being derived through the use of the FT protocol.

Fixes: f2f8e4f458 ("Add PTKSA cache to hostapd")
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
This commit is contained in:
Jouni Malinen 2023-02-21 17:20:47 +02:00 committed by Jouni Malinen
parent ba6954874e
commit 242c3ad990
2 changed files with 9 additions and 0 deletions

View file

@ -35,6 +35,9 @@
const unsigned int ftRRBseqTimeout = 10; const unsigned int ftRRBseqTimeout = 10;
const unsigned int ftRRBmaxQueueLen = 100; const unsigned int ftRRBmaxQueueLen = 100;
/* TODO: make these configurable */
static const int dot11RSNAConfigPMKLifetime = 43200;
static int wpa_ft_send_rrb_auth_resp(struct wpa_state_machine *sm, static int wpa_ft_send_rrb_auth_resp(struct wpa_state_machine *sm,
const u8 *current_ap, const u8 *sta_addr, const u8 *current_ap, const u8 *sta_addr,
@ -2949,6 +2952,9 @@ void wpa_ft_install_ptk(struct wpa_state_machine *sm, int retry)
/* FIX: MLME-SetProtection.Request(TA, Tx_Rx) */ /* FIX: MLME-SetProtection.Request(TA, Tx_Rx) */
sm->pairwise_set = true; sm->pairwise_set = true;
sm->tk_already_set = true; sm->tk_already_set = true;
wpa_auth_store_ptksa(sm->wpa_auth, sm->addr, sm->pairwise,
dot11RSNAConfigPMKLifetime, &sm->PTK);
} }

View file

@ -296,6 +296,9 @@ int wpa_auth_for_each_sta(struct wpa_authenticator *wpa_auth,
int wpa_auth_for_each_auth(struct wpa_authenticator *wpa_auth, int wpa_auth_for_each_auth(struct wpa_authenticator *wpa_auth,
int (*cb)(struct wpa_authenticator *a, void *ctx), int (*cb)(struct wpa_authenticator *a, void *ctx),
void *cb_ctx); void *cb_ctx);
void wpa_auth_store_ptksa(struct wpa_authenticator *wpa_auth,
const u8 *addr, int cipher,
u32 life_time, const struct wpa_ptk *ptk);
#ifdef CONFIG_IEEE80211R_AP #ifdef CONFIG_IEEE80211R_AP
int wpa_write_mdie(struct wpa_auth_config *conf, u8 *buf, size_t len); int wpa_write_mdie(struct wpa_auth_config *conf, u8 *buf, size_t len);