From 833bb2ab15c2d2b4821174058a89a9e1df68d68e Mon Sep 17 00:00:00 2001
From: Jouni Malinen <jouni@codeaurora.org>
Date: Mon, 21 May 2018 22:18:50 +0300
Subject: [PATCH] FT: Disable PMKSA caching with FT

PMKSA caching with FT is not fully functional, so disable the case for
now, so that wpa_supplicant does not end up trying to connect with a
PMKSA cache entry from another AKM. FT-EAP was already modified long
time ago to not add PMKSA cache entries itself.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
---
 wpa_supplicant/wpa_supplicant.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c
index dcd787bec..3de919854 100644
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -1389,6 +1389,13 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
 	} else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
 		wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
 		wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
+		if (pmksa_cache_get_current(wpa_s->wpa)) {
+			/* PMKSA caching with FT is not fully functional, so
+			 * disable the case for now. */
+			wpa_dbg(wpa_s, MSG_DEBUG,
+				"WPA: Disable PMKSA caching for FT/802.1X connection");
+			pmksa_cache_clear_current(wpa_s->wpa);
+		}
 	} else if (sel & WPA_KEY_MGMT_FT_PSK) {
 		wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
 		wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");