Fix WPS AP mode regression
Commit 03d3f28a69
broke initialization of
EAPOL authenticator state machines since an error value from
wpa_auth_sta_key_mgmt() (-1) was not handled properly and the fixed
wpa_key_mgmt_wpa_psk() identified the value as a PSK-based AKM because
of all bits being set to 1. The special error value needs to handled
separately to avoid skipping EAPOL state machine initialization.
This commit is contained in:
parent
4bb3377bc5
commit
df13a1cdff
1 changed files with 24 additions and 5 deletions
|
@ -680,6 +680,7 @@ void ieee802_1x_receive(struct hostapd_data *hapd, const u8 *sa, const u8 *buf,
|
||||||
struct ieee802_1x_eapol_key *key;
|
struct ieee802_1x_eapol_key *key;
|
||||||
u16 datalen;
|
u16 datalen;
|
||||||
struct rsn_pmksa_cache_entry *pmksa;
|
struct rsn_pmksa_cache_entry *pmksa;
|
||||||
|
int key_mgmt;
|
||||||
|
|
||||||
if (!hapd->conf->ieee802_1x && !hapd->conf->wpa &&
|
if (!hapd->conf->ieee802_1x && !hapd->conf->wpa &&
|
||||||
!hapd->conf->wps_state)
|
!hapd->conf->wps_state)
|
||||||
|
@ -731,10 +732,19 @@ void ieee802_1x_receive(struct hostapd_data *hapd, const u8 *sa, const u8 *buf,
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ((!hapd->conf->ieee802_1x &&
|
if (!hapd->conf->ieee802_1x &&
|
||||||
!(sta->flags & (WLAN_STA_WPS | WLAN_STA_MAYBE_WPS))) ||
|
!(sta->flags & (WLAN_STA_WPS | WLAN_STA_MAYBE_WPS))) {
|
||||||
wpa_key_mgmt_wpa_psk(wpa_auth_sta_key_mgmt(sta->wpa_sm)))
|
wpa_printf(MSG_DEBUG, "IEEE 802.1X: Ignore EAPOL message - "
|
||||||
|
"802.1X not enabled and WPS not used");
|
||||||
return;
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
key_mgmt = wpa_auth_sta_key_mgmt(sta->wpa_sm);
|
||||||
|
if (key_mgmt != -1 && wpa_key_mgmt_wpa_psk(key_mgmt)) {
|
||||||
|
wpa_printf(MSG_DEBUG, "IEEE 802.1X: Ignore EAPOL message - "
|
||||||
|
"STA is using PSK");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
if (!sta->eapol_sm) {
|
if (!sta->eapol_sm) {
|
||||||
sta->eapol_sm = ieee802_1x_alloc_eapol_sm(hapd, sta);
|
sta->eapol_sm = ieee802_1x_alloc_eapol_sm(hapd, sta);
|
||||||
|
@ -836,6 +846,7 @@ void ieee802_1x_new_station(struct hostapd_data *hapd, struct sta_info *sta)
|
||||||
struct rsn_pmksa_cache_entry *pmksa;
|
struct rsn_pmksa_cache_entry *pmksa;
|
||||||
int reassoc = 1;
|
int reassoc = 1;
|
||||||
int force_1x = 0;
|
int force_1x = 0;
|
||||||
|
int key_mgmt;
|
||||||
|
|
||||||
#ifdef CONFIG_WPS
|
#ifdef CONFIG_WPS
|
||||||
if (hapd->conf->wps_state && hapd->conf->wpa &&
|
if (hapd->conf->wps_state && hapd->conf->wpa &&
|
||||||
|
@ -849,9 +860,17 @@ void ieee802_1x_new_station(struct hostapd_data *hapd, struct sta_info *sta)
|
||||||
}
|
}
|
||||||
#endif /* CONFIG_WPS */
|
#endif /* CONFIG_WPS */
|
||||||
|
|
||||||
if ((!force_1x && !hapd->conf->ieee802_1x) ||
|
if (!force_1x && !hapd->conf->ieee802_1x) {
|
||||||
wpa_key_mgmt_wpa_psk(wpa_auth_sta_key_mgmt(sta->wpa_sm)))
|
wpa_printf(MSG_DEBUG, "IEEE 802.1X: Ignore STA - "
|
||||||
|
"802.1X not enabled or forced for WPS");
|
||||||
return;
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
key_mgmt = wpa_auth_sta_key_mgmt(sta->wpa_sm);
|
||||||
|
if (key_mgmt != -1 && wpa_key_mgmt_wpa_psk(key_mgmt)) {
|
||||||
|
wpa_printf(MSG_DEBUG, "IEEE 802.1X: Ignore STA - using PSK");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
if (sta->eapol_sm == NULL) {
|
if (sta->eapol_sm == NULL) {
|
||||||
hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
|
hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
|
||||||
|
|
Loading…
Reference in a new issue