Update PSK after cross AKM roaming to WPA-PSK when driver's SME in use

4-way handshake was failing after the driver roam from SAE to WPA-PSK
due to wpa_sm having an old PMK which was generated during previous SAE
connection.

To fix this update PSK to wpa_sm when AKM changes from SAE to WPA-PSK
for the target AP to have a correct PMK for 4-way handshake. Also,
update PSK to the driver when key management offload is enabled.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
This commit is contained in:
Veerendranath Jakkam 2022-02-20 08:59:13 +05:30 committed by Jouni Malinen
parent 7e97c619a9
commit 48c620829c

View file

@ -2796,6 +2796,28 @@ static int wpa_supplicant_use_own_rsne_params(struct wpa_supplicant *wpa_s,
return -1; return -1;
} }
/*
* Update PMK in wpa_sm and the driver if roamed to WPA/WPA2 PSK from a
* different AKM.
*/
if (wpa_s->key_mgmt != ie.key_mgmt &&
wpa_key_mgmt_wpa_psk_no_sae(ie.key_mgmt)) {
if (!ssid->psk_set) {
wpa_dbg(wpa_s, MSG_INFO,
"No PSK available for association");
wpas_auth_failed(wpa_s, "NO_PSK_AVAILABLE");
return -1;
}
wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN, NULL, NULL);
if (wpa_s->conf->key_mgmt_offload &&
(wpa_s->drv_flags & WPA_DRIVER_FLAGS_KEY_MGMT_OFFLOAD) &&
wpa_drv_set_key(wpa_s, 0, NULL, 0, 0, NULL, 0, ssid->psk,
PMK_LEN, KEY_FLAG_PMK))
wpa_dbg(wpa_s, MSG_ERROR,
"WPA: Cannot set PMK for key management offload");
}
wpa_s->key_mgmt = ie.key_mgmt; wpa_s->key_mgmt = ie.key_mgmt;
wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt); wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT %s and proto %d", wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT %s and proto %d",