From 3e789d4ed4db12565c39a3f461e225199738aeb5 Mon Sep 17 00:00:00 2001 From: Kapil Gupta Date: Wed, 25 May 2022 13:59:59 +0530 Subject: [PATCH] esp_wifi: Changes to not use pmkid caching when SSID is changed --- components/wpa_supplicant/src/rsn_supp/wpa.c | 15 ++++++++++++++- components/wpa_supplicant/src/rsn_supp/wpa_i.h | 2 ++ 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/components/wpa_supplicant/src/rsn_supp/wpa.c b/components/wpa_supplicant/src/rsn_supp/wpa.c index 94293bfc37..ac458d75d0 100644 --- a/components/wpa_supplicant/src/rsn_supp/wpa.c +++ b/components/wpa_supplicant/src/rsn_supp/wpa.c @@ -2179,7 +2179,17 @@ int wpa_set_bss(char *macddr, char * bssid, u8 pairwise_cipher, u8 group_cipher, { int res = 0; struct wpa_sm *sm = &gWpaSm; + bool use_pmk_cache = true; + /* Incase AP has changed it's SSID, don't try with PMK caching for SAE connection */ + /* Ideally we should use network_ctx for this purpose however currently network profile block + * is part of libraries, + * TODO Correct this in future during NVS restructuring */ + if ((sm->key_mgmt == WPA_KEY_MGMT_SAE) && + (os_memcmp(sm->bssid, bssid, ETH_ALEN) == 0) && + (os_memcmp(sm->ssid, ssid, ssid_len) != 0)) { + use_pmk_cache = false; + } sm->pairwise_cipher = BIT(pairwise_cipher); sm->group_cipher = BIT(group_cipher); sm->rx_replay_counter_set = 0; //init state not intall replay counter value @@ -2192,7 +2202,7 @@ int wpa_set_bss(char *macddr, char * bssid, u8 pairwise_cipher, u8 group_cipher, if (sm->key_mgmt == WPA_KEY_MGMT_SAE || is_wpa2_enterprise_connection()) { - if (!esp_wifi_skip_supp_pmkcaching()) { + if (!esp_wifi_skip_supp_pmkcaching() && use_pmk_cache) { pmksa_cache_set_current(sm, NULL, (const u8*) bssid, 0, 0); wpa_sm_set_pmk_from_pmksa(sm); } else { @@ -2225,6 +2235,9 @@ int wpa_set_bss(char *macddr, char * bssid, u8 pairwise_cipher, u8 group_cipher, if (res < 0) return -1; sm->assoc_wpa_ie_len = res; + os_memset(sm->ssid, 0, sizeof(sm->ssid)); + os_memcpy(sm->ssid, ssid, ssid_len); + sm->ssid_len = ssid_len; wpa_set_passphrase(passphrase, ssid, ssid_len); return 0; } diff --git a/components/wpa_supplicant/src/rsn_supp/wpa_i.h b/components/wpa_supplicant/src/rsn_supp/wpa_i.h index e88fd5d77e..4aedef06dd 100644 --- a/components/wpa_supplicant/src/rsn_supp/wpa_i.h +++ b/components/wpa_supplicant/src/rsn_supp/wpa_i.h @@ -43,6 +43,8 @@ struct wpa_sm { u8 request_counter[WPA_REPLAY_COUNTER_LEN]; struct rsn_pmksa_cache *pmksa; /* PMKSA cache */ struct rsn_pmksa_cache_entry *cur_pmksa; /* current PMKSA entry */ + u8 ssid[32]; + size_t ssid_len; unsigned int pairwise_cipher; unsigned int group_cipher;