* [PATCH v2 4/5] eapol: don't enforce PMKID on 1/4 if require_handshake is false
@ 2021-09-28 22:05 James Prestwood
0 siblings, 0 replies; only message in thread
From: James Prestwood @ 2021-09-28 22:05 UTC (permalink / raw)
To: iwd
[-- Attachment #1: Type: text/plain, Size: 768 bytes --]
FT/FILS handle their own PMK derivation but rekeys still require
using the 4-way handshake. There is some ambiguity in the spec whether
or not the PMKID needs to be included in message 1/4 and it appears
that when rekeying after FT/FILS hostapd does not include a PMKID.
---
src/eapol.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/eapol.c b/src/eapol.c
index 9543bced..8dce9a68 100644
--- a/src/eapol.c
+++ b/src/eapol.c
@@ -1147,7 +1147,8 @@ static void eapol_handle_ptk_1_of_4(struct eapol_sm *sm,
* send no PMKID KDE.
*/
if (!sm->eap_exchanged && !sm->handshake->wpa_ie &&
- rsn_info.num_pmkids) {
+ rsn_info.num_pmkids &&
+ sm->require_handshake) {
bool found = false;
int i;
--
2.31.1
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2021-09-28 22:05 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-09-28 22:05 [PATCH v2 4/5] eapol: don't enforce PMKID on 1/4 if require_handshake is false James Prestwood
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.