Gitiles
Code Review Sign In
gerrit.omnirom.org / android_external_wpa_supplicant_8 / a40e50f10ade0c8bece37d481af30327a5a44da9^1..a40e50f10ade0c8bece37d481af30327a5a44da9 / .
commita40e50f10ade0c8bece37d481af30327a5a44da9[log] [tgz]
authorJouni Malinen <j@w1.fi>Thu Oct 12 20:02:33 2017 +0000
committerandroid-build-merger <android-build-merger@google.com>Thu Oct 12 20:02:33 2017 +0000
tree65c9ab561e6ab2b4d09432ec2d0bf56c00872318
parent3dbadca1b17ab1fe10b342c82a4c729d8614ad80 [diff]
parentfc6f131de058fc111a5f1b466cb44ea0f2482eaa [diff]
FT: Do not allow multiple Reassociation Response frames am: e01e480a81 am: 3827dcc787
am: fc6f131de0

Change-Id: I94bc2e2cb80201a8f132e5d37d157fceff5c6687

diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c
index 0d2b0aa..1221e67 100644
--- a/src/rsn_supp/wpa.c
+++ b/src/rsn_supp/wpa.c

@@ -2419,7 +2419,9 @@
 #ifdef CONFIG_TDLS
 	wpa_tdls_disassoc(sm);
 #endif /* CONFIG_TDLS */
-
+#ifdef CONFIG_IEEE80211R
+	sm->ft_reassoc_completed = 0;
+#endif /* CONFIG_IEEE80211R */
 	/* Keys are not needed in the WPA state machine anymore */
 	wpa_sm_drop_sa(sm);
 

diff --git a/src/rsn_supp/wpa_ft.c b/src/rsn_supp/wpa_ft.c
index 205793e..d45bb45 100644
--- a/src/rsn_supp/wpa_ft.c
+++ b/src/rsn_supp/wpa_ft.c

@@ -153,6 +153,7 @@
 	u16 capab;
 
 	sm->ft_completed = 0;
+	sm->ft_reassoc_completed = 0;
 
 	buf_len = 2 + sizeof(struct rsn_mdie) + 2 + sizeof(struct rsn_ftie) +
 		2 + sm->r0kh_id_len + ric_ies_len + 100;
@@ -681,6 +682,11 @@
 		return -1;
 	}
 
+	if (sm->ft_reassoc_completed) {
+		wpa_printf(MSG_DEBUG, "FT: Reassociation has already been completed for this FT protocol instance - ignore unexpected retransmission");
+		return 0;
+	}
+
 	if (wpa_ft_parse_ies(ies, ies_len, &parse) < 0) {
 		wpa_printf(MSG_DEBUG, "FT: Failed to parse IEs");
 		return -1;
@@ -781,6 +787,8 @@
 		return -1;
 	}
 
+	sm->ft_reassoc_completed = 1;
+
 	if (wpa_ft_process_gtk_subelem(sm, parse.gtk, parse.gtk_len) < 0)
 		return -1;
 

diff --git a/src/rsn_supp/wpa_i.h b/src/rsn_supp/wpa_i.h
index 2d32e46..a653802 100644
--- a/src/rsn_supp/wpa_i.h
+++ b/src/rsn_supp/wpa_i.h

@@ -126,6 +126,7 @@
 	size_t r0kh_id_len;
 	u8 r1kh_id[FT_R1KH_ID_LEN];
 	int ft_completed;
+	int ft_reassoc_completed;
 	int over_the_ds_in_progress;
 	u8 target_ap[ETH_ALEN]; /* over-the-DS target AP */
 	int set_ptk_after_assoc;