From c9a8221800dfe18e5af3d2085ad5617d5f7fe9f1 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Mon, 8 Oct 2012 17:49:54 +0300 Subject: [PATCH] Filter out unlikely "pre-shared key may be incorrect" messages Add a function to filter out known cases of disconnection during 4-way handshake that are caused by something else than mismatch in PSK. This commit adds the case where the local end determines a mismatch in WPA/RSN element between Beacon/Probe Response frames and EAPOL-Key msg 3/4. This can avoid some potentially confusing "WPA: 4-Way Handshake failed - pre-shared key may be incorrect" ctrl_iface messages. Signed-hostap: Jouni Malinen --- wpa_supplicant/events.c | 25 +++++++++++++++++++++++-- 1 file changed, 23 insertions(+), 2 deletions(-) diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c index 5399f76d1..53b8338b2 100644 --- a/wpa_supplicant/events.c +++ b/wpa_supplicant/events.c @@ -1815,6 +1815,28 @@ static void wpa_supplicant_event_disassoc(struct wpa_supplicant *wpa_s, } +static int could_be_psk_mismatch(struct wpa_supplicant *wpa_s, u16 reason_code, + int locally_generated) +{ + if (wpa_s->wpa_state != WPA_4WAY_HANDSHAKE || + !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) + return 0; /* Not in 4-way handshake with PSK */ + + /* + * It looks like connection was lost while trying to go through PSK + * 4-way handshake. Filter out known disconnection cases that are caused + * by something else than PSK mismatch to avoid confusing reports. + */ + + if (locally_generated) { + if (reason_code == WLAN_REASON_IE_IN_4WAY_DIFFERS) + return 0; + } + + return 1; +} + + static void wpa_supplicant_event_disassoc_finish(struct wpa_supplicant *wpa_s, u16 reason_code, int locally_generated) @@ -1840,8 +1862,7 @@ static void wpa_supplicant_event_disassoc_finish(struct wpa_supplicant *wpa_s, return; } - if (wpa_s->wpa_state == WPA_4WAY_HANDSHAKE && - wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) { + if (could_be_psk_mismatch(wpa_s, reason_code, locally_generated)) { wpa_msg(wpa_s, MSG_INFO, "WPA: 4-Way Handshake failed - " "pre-shared key may be incorrect"); wpas_auth_failed(wpa_s);