From 24efd4a505c27d97c8bccfa9e8c7a6258536b852 Mon Sep 17 00:00:00 2001 From: Shreyas Sheth Date: Tue, 8 Nov 2022 16:11:59 +0530 Subject: [PATCH] esp_wifi: Bugfix WPA Enterprise Reauthentication issue --- components/wpa_supplicant/src/rsn_supp/wpa.c | 14 +++++++++++--- components/wpa_supplicant/src/rsn_supp/wpa_i.h | 2 +- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/components/wpa_supplicant/src/rsn_supp/wpa.c b/components/wpa_supplicant/src/rsn_supp/wpa.c index 94c6e20bc5..d987678a17 100644 --- a/components/wpa_supplicant/src/rsn_supp/wpa.c +++ b/components/wpa_supplicant/src/rsn_supp/wpa.c @@ -784,6 +784,8 @@ void wpa_supplicant_key_neg_complete(struct wpa_sm *sm, wpa_sm_set_state(WPA_COMPLETED); sm->wpa_neg_complete(); + sm->eapol1_count = 0; + sm->use_ext_key_id = 0; if (secure) { wpa_sm_mlme_setprotection( @@ -1265,7 +1267,7 @@ static void wpa_supplicant_process_3_of_4(struct wpa_sm *sm, if (ie.transition_disable) esp_wifi_sta_disable_wpa2_authmode_internal(); - if (sm->key_install && sm->key_info & WPA_KEY_INFO_INSTALL) { + if (sm->key_install && sm->key_info & WPA_KEY_INFO_INSTALL && sm->use_ext_key_id) { wpa_supplicant_install_ptk(sm, KEY_FLAG_RX); } /*after txover, callback will continue run remain task*/ @@ -1314,8 +1316,13 @@ static int wpa_supplicant_send_4_of_4_txcallback(struct wpa_sm *sm) u16 key_info=sm->key_info; if (sm->key_install && key_info & WPA_KEY_INFO_INSTALL) { - if (wpa_supplicant_activate_ptk(sm)) - goto failed; + if (sm->use_ext_key_id) { + if (wpa_supplicant_activate_ptk(sm)) + goto failed; + } else { + if (wpa_supplicant_install_ptk(sm, KEY_FLAG_TX | KEY_FLAG_RX)) + goto failed; + } } else if (sm->key_install == false) { wpa_printf(MSG_DEBUG, "PTK has been installed, it may be an attack, ignor it."); @@ -2263,6 +2270,7 @@ int wpa_set_bss(char *macddr, char * bssid, u8 pairwise_cipher, u8 group_cipher, memcpy(sm->own_addr, macddr, ETH_ALEN); memcpy(sm->bssid, bssid, ETH_ALEN); sm->ap_notify_completed_rsne = esp_wifi_sta_is_ap_notify_completed_rsne_internal(); + sm->use_ext_key_id = (sm->proto == WPA_PROTO_WPA); if (sm->key_mgmt == WPA_KEY_MGMT_SAE || is_wpa2_enterprise_connection()) { diff --git a/components/wpa_supplicant/src/rsn_supp/wpa_i.h b/components/wpa_supplicant/src/rsn_supp/wpa_i.h index 6a2f4fb727..0a1dd0d5f8 100644 --- a/components/wpa_supplicant/src/rsn_supp/wpa_i.h +++ b/components/wpa_supplicant/src/rsn_supp/wpa_i.h @@ -80,7 +80,7 @@ struct wpa_sm { struct install_key install_ptk; struct install_key install_gtk; int mic_errors_seen; /* Michael MIC errors with the current PTK */ - + int use_ext_key_id; /* Enabled only for WPA PSK first key exchange */ void (* sendto) (void *buffer, uint16_t len); void (*config_assoc_ie) (u8 proto, u8 *assoc_buf, u32 assoc_wpa_ie_len); void (*install_ppkey) (enum wpa_alg alg, u8 *addr, int key_idx, int set_tx,