FT: Disable PMKSA caching with FT
PMKSA caching with FT is not fully functional, so disable the case for now, so that wpa_supplicant does not end up trying to connect with a PMKSA cache entry from another AKM. FT-EAP was already modified long time ago to not add PMKSA cache entries itself. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
parent
91db940ff0
commit
833bb2ab15
1 changed files with 7 additions and 0 deletions
|
@ -1389,6 +1389,13 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
|
||||||
} else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
|
} else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
|
||||||
wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
|
wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
|
||||||
wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
|
wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
|
||||||
|
if (pmksa_cache_get_current(wpa_s->wpa)) {
|
||||||
|
/* PMKSA caching with FT is not fully functional, so
|
||||||
|
* disable the case for now. */
|
||||||
|
wpa_dbg(wpa_s, MSG_DEBUG,
|
||||||
|
"WPA: Disable PMKSA caching for FT/802.1X connection");
|
||||||
|
pmksa_cache_clear_current(wpa_s->wpa);
|
||||||
|
}
|
||||||
} else if (sel & WPA_KEY_MGMT_FT_PSK) {
|
} else if (sel & WPA_KEY_MGMT_FT_PSK) {
|
||||||
wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
|
wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
|
||||||
wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
|
wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
|
||||||
|
|
Loading…
Reference in a new issue