ASSOC: Mark Port authorization and State Completion based
on authorized state in connect event
In case of drivers supporting 4way handshake offload, mark port
authorized and state completion only if driver advertizes authorized
state in the connect event. Otherwise there are fair chances of driver
port authorization api gets called while 4-way handshake is in progress
at the lower layer.
In order to avoid this possible race condition always update port
authorization and supplicant state WPA_COMPLETED setting from
EVENT_PORT_AUTHORIZED context when driver is done with 4way handshake.
Additionally there is change to avoid plumbing PSK during initial
assoc as its done during initial connect in case of 4-way handshake
offload.
The CL includes change to address additional PMK length to support newer
key mgmt like SUITEB-192.
Bug: 236661101
Test: Validated the different security connections/roam on Hikey platform
Signed-off-by: Vinayak Yadawad <vinayak.yadawad@broadcom.com>
Change-Id: I2c438ca961fe7e6d70d6d013035362dd94488b15
diff --git a/wpa_supplicant/wpas_glue.c b/wpa_supplicant/wpas_glue.c
index 8a0fe8d..90af6eb 100644
--- a/wpa_supplicant/wpas_glue.c
+++ b/wpa_supplicant/wpas_glue.c
@@ -286,7 +286,7 @@
{
struct wpa_supplicant *wpa_s = ctx;
int res, pmk_len;
- u8 pmk[PMK_LEN];
+ u8 pmk[PMK_LEN_MAX];
wpa_printf(MSG_DEBUG, "EAPOL authentication completed - result=%s",
result_str(result));
@@ -336,7 +336,11 @@
wpa_printf(MSG_DEBUG, "Configure PMK for driver-based RSN 4-way "
"handshake");
- pmk_len = PMK_LEN;
+ if (wpa_key_mgmt_sha384(wpa_s->key_mgmt))
+ pmk_len = PMK_LEN_SUITE_B_192;
+ else
+ pmk_len = PMK_LEN;
+
if (wpa_key_mgmt_ft(wpa_s->key_mgmt)) {
#ifdef CONFIG_IEEE80211R
u8 buf[2 * PMK_LEN];
@@ -351,7 +355,7 @@
res = -1;
#endif /* CONFIG_IEEE80211R */
} else {
- res = eapol_sm_get_key(eapol, pmk, PMK_LEN);
+ res = eapol_sm_get_key(eapol, pmk, pmk_len);
if (res) {
/*
* EAP-LEAP is an exception from other EAP methods: it