Merge branch 'bugfix/wpa_enterprise_reauth_v4.3' into 'release/v4.3'

esp_wifi: Fix WiFi Enterprise Reauthentication issue (v4.3) See merge request espressif/esp-idf!21073
espressif · Nov 23, 2022 · d732a84 · d732a84
2 parents 92a3ba8 + 7e8cca6
commit d732a84
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 4 deletions.
diff --git a/components/wpa_supplicant/src/rsn_supp/wpa.c b/components/wpa_supplicant/src/rsn_supp/wpa.c
@@ -800,6 +800,8 @@ void   wpa_supplicant_key_neg_complete(struct wpa_sm *sm,
     wpa_sm_set_state(WPA_COMPLETED);
 
     sm->wpa_neg_complete();
+    sm->eapol1_count = 0;
+    sm->use_ext_key_id = 0;
 
     if (secure) {
         wpa_sm_mlme_setprotection(
@@ -1309,7 +1311,7 @@ int   ieee80211w_set_keys(struct wpa_sm *sm,
     if (ie.transition_disable)
         esp_wifi_sta_disable_wpa2_authmode_internal();
 
-    if (sm->key_install && sm->key_info & WPA_KEY_INFO_INSTALL) {
+    if (sm->key_install && sm->key_info & WPA_KEY_INFO_INSTALL && sm->use_ext_key_id) {
         wpa_supplicant_install_ptk(sm, KEY_FLAG_RX);
     }
     /*after txover, callback will continue run remain task*/
@@ -1358,8 +1360,13 @@ static int wpa_supplicant_activate_ptk(struct wpa_sm *sm)
        u16 key_info=sm->key_info;
 
     if (sm->key_install && key_info & WPA_KEY_INFO_INSTALL) {
-        if (wpa_supplicant_activate_ptk(sm))
-            goto failed;
+        if (sm->use_ext_key_id) {
+            if (wpa_supplicant_activate_ptk(sm))
+                goto failed;
+        } else {
+            if (wpa_supplicant_install_ptk(sm, KEY_FLAG_TX | KEY_FLAG_RX))
+                goto failed;
+        }
     }
     else if (sm->key_install == false) {
         wpa_printf(MSG_DEBUG, "PTK has been installed, it may be an attack, ignor it.");
@@ -2237,6 +2244,7 @@ int wpa_set_bss(char *macddr, char * bssid, u8 pairwise_cipher, u8 group_cipher,
     memcpy(sm->own_addr, macddr, ETH_ALEN);
     memcpy(sm->bssid, bssid, ETH_ALEN);
     sm->ap_notify_completed_rsne = esp_wifi_sta_is_ap_notify_completed_rsne_internal();
+    sm->use_ext_key_id = (sm->proto == WPA_PROTO_WPA);
 
     if (sm->key_mgmt == WPA_KEY_MGMT_SAE ||
         is_wpa2_enterprise_connection()) {

diff --git a/components/wpa_supplicant/src/rsn_supp/wpa_i.h b/components/wpa_supplicant/src/rsn_supp/wpa_i.h
@@ -80,7 +80,7 @@ struct wpa_sm {
     struct install_key install_ptk;
     struct install_key install_gtk;
     int mic_errors_seen; /* Michael MIC errors with the current PTK */
-
+    int use_ext_key_id; /* Enabled only for WPA PSK first key exchange */
     void (* sendto) (void *buffer, uint16_t len);
     void (*config_assoc_ie) (u8 proto, u8 *assoc_buf, u32 assoc_wpa_ie_len);
     void (*install_ppkey) (enum wpa_alg alg, u8 *addr, int key_idx, int set_tx,