commit ce7d0eb1841ea4ebd5590d7ce2d9ff4d2a91878e
author Sunil Dutt <usdutt@qti.qualcomm.com> Thu Sep 17 10:30:42 2015 +0000
committer Jouni Malinen <j@w1.fi> Thu Sep 17 17:40:40 2015 +0700
tree ee65f34c7251ae37cd521b757fce16f635b5a974
parent 43fa110b0b6cc5f6db88497bcdbfae057bbe4d5b

Update AP WPA/RSN IE on all associations if driver can select BSS

It is possible for driver-based BSS selection to end up reassociating
back to the current AP. If wpa_supplicant preferred another BSS, it
would have updated the internal knowledge of the AP's WPA/RSN IE when
requesting a new connection. In the special case of existing association
and new association being with the same BSS that is different from the
wpa_supplicant preference, association event processing skipped the
WPA/RSN IE update. This could result in the following 4-way handshake
getting rejected due to incorrectly detected mismatch with AP's RSN/WPA
IE between Beacon/Probe Response frame and EAPOL-Key msg 3/4.

Fix this by updating the AP WPA/RSN IE on all association events when
driver-based BSS selection is used regardless of whether the BSSID
changes. This could also cover a theoretical case of the AP changing its
RSN/WPA IE at the very moment we try to reassociate back to the same
BSS.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

wpa_supplicant/events.c

diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c
index 0777a56..45ae7ea 100644
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
@@ -2067,6 +2067,7 @@
 {
 	u8 bssid[ETH_ALEN];
 	int ft_completed;
+	int new_bss = 0;
 
 #ifdef CONFIG_AP
 	if (wpa_s->ap_iface) {
@@ -2098,6 +2099,7 @@
 	if (os_memcmp(bssid, wpa_s->bssid, ETH_ALEN) != 0) {
 		wpa_dbg(wpa_s, MSG_DEBUG, "Associated to a new BSS: BSSID="
 			MACSTR, MAC2STR(bssid));
+		new_bss = 1;
 		random_add_randomness(bssid, ETH_ALEN);
 		os_memcpy(wpa_s->bssid, bssid, ETH_ALEN);
 		os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
@@ -2111,13 +2113,13 @@
 				wpa_s, WLAN_REASON_DEAUTH_LEAVING);
 			return;
 		}
+	}
 
-		if (wpa_s->conf->ap_scan == 1 &&
-		    wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION) {
-			if (wpa_supplicant_assoc_update_ie(wpa_s) < 0)
-				wpa_msg(wpa_s, MSG_WARNING,
-					"WPA/RSN IEs not updated");
-		}
+	if (wpa_s->conf->ap_scan == 1 &&
+	    wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION) {
+		if (wpa_supplicant_assoc_update_ie(wpa_s) < 0 && new_bss)
+			wpa_msg(wpa_s, MSG_WARNING,
+				"WPA/RSN IEs not updated");
 	}
 
 #ifdef CONFIG_SME