Fix EAP state machine reset with offloaded roaming and authorization

[mech_eap.git] / wpa_supplicant / events.c

diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c
index 50461b6..08ff672 100644 (file)
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
@@ -2234,7 +2234,7 @@ static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s,
                                       union wpa_event_data *data)
 {
        u8 bssid[ETH_ALEN];
-       int ft_completed;
+       int ft_completed, already_authorized;
        int new_bss = 0;
 
 #ifdef CONFIG_AP
@@ -2310,6 +2310,8 @@ static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s,
        if (wpa_s->l2)
                l2_packet_notify_auth_start(wpa_s->l2);
 
+       already_authorized = data && data->assoc_info.authorized;
+
        /*
         * Set portEnabled first to FALSE in order to get EAP state machine out
         * of the SUCCESS state and eapSuccess cleared. Without this, EAPOL PAE
@@ -2318,11 +2320,12 @@ static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s,
         * AUTHENTICATED without ever giving chance to EAP state machine to
         * reset the state.
         */
-       if (!ft_completed) {
+       if (!ft_completed && !already_authorized) {
                eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
                eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
        }
-       if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) || ft_completed)
+       if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) || ft_completed ||
+           already_authorized)
                eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
        /* 802.1X::portControl = Auto */
        eapol_sm_notify_portEnabled(wpa_s->eapol, TRUE);