hostapd: Force PSK to be derived again on BSS reload

This may be needed if the wpa_psk information for previously derived
from passphrase and either the SSID or the passphrase has changed.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

diff --git a/hostapd/config_file.c b/hostapd/config_file.c
index 0b05ab2..dc676ed 100644 (file)
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -2181,8 +2181,11 @@ static int hostapd_config_fill(struct hostapd_config *conf,
                        } else {
                                os_free(bss->ssid.wpa_passphrase);
                                bss->ssid.wpa_passphrase = os_strdup(pos);
-                               os_free(bss->ssid.wpa_psk);
-                               bss->ssid.wpa_psk = NULL;
+                               if (bss->ssid.wpa_passphrase) {
+                                       os_free(bss->ssid.wpa_psk);
+                                       bss->ssid.wpa_psk = NULL;
+                                       bss->ssid.wpa_passphrase_set = 1;
+                               }
                        }
                } else if (os_strcmp(buf, "wpa_psk") == 0) {
                        os_free(bss->ssid.wpa_psk);
@@ -2200,6 +2203,7 @@ static int hostapd_config_fill(struct hostapd_config *conf,
                                bss->ssid.wpa_psk->group = 1;
                                os_free(bss->ssid.wpa_passphrase);
                                bss->ssid.wpa_passphrase = NULL;
+                               bss->ssid.wpa_psk_set = 1;
                        }
                } else if (os_strcmp(buf, "wpa_psk_file") == 0) {
                        os_free(bss->ssid.wpa_psk_file);

diff --git a/src/ap/ap_config.h b/src/ap/ap_config.h
index 4f6a739..a9fc15a 100644 (file)
--- a/src/ap/ap_config.h
+++ b/src/ap/ap_config.h
@@ -53,6 +53,8 @@ struct hostapd_ssid {
        size_t ssid_len;
        unsigned int ssid_set:1;
        unsigned int utf8_ssid:1;
+       unsigned int wpa_passphrase_set:1;
+       unsigned int wpa_psk_set:1;
 
        char vlan[IFNAMSIZ + 1];
        secpolicy security_policy;

diff --git a/src/ap/hostapd.c b/src/ap/hostapd.c
index dcac2f2..6e7b37f 100644 (file)
--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
@@ -62,10 +62,22 @@ int hostapd_for_each_interface(struct hapd_interfaces *interfaces,
 
 static void hostapd_reload_bss(struct hostapd_data *hapd)
 {
+       struct hostapd_ssid *ssid;
+
 #ifndef CONFIG_NO_RADIUS
        radius_client_reconfig(hapd->radius, hapd->conf->radius);
 #endif /* CONFIG_NO_RADIUS */
 
+       ssid = &hapd->conf->ssid;
+       if (!ssid->wpa_psk_set && ssid->wpa_psk && !ssid->wpa_psk->next &&
+           ssid->wpa_passphrase_set && ssid->wpa_passphrase) {
+               /*
+                * Force PSK to be derived again since SSID or passphrase may
+                * have changed.
+                */
+               os_free(ssid->wpa_psk);
+               ssid->wpa_psk = NULL;
+       }
        if (hostapd_setup_wpa_psk(hapd->conf)) {
                wpa_printf(MSG_ERROR, "Failed to re-configure WPA PSK "
                           "after reloading configuration");