From 1c9a1ea46dad0449d73c2a5620f6b254abe3053b Mon Sep 17 00:00:00 2001
From: Denis Kenzior <denkenz@gmail.com>
Date: Sun, 1 Jul 2018 20:40:40 -0500
Subject: [PATCH] eapol: Handle all zero PMKID

---
 src/eapol.c | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/src/eapol.c b/src/eapol.c
index 70722269..32d23710 100644
--- a/src/eapol.c
+++ b/src/eapol.c
@@ -966,6 +966,8 @@ static void eapol_handle_ptk_1_of_4(struct eapol_sm *sm,
 
 		if (handshake_state_get_pmkid(sm->handshake, own_pmkid) &&
 				memcmp(pmkid, own_pmkid, 16)) {
+			l_debug("Authenticator sent a PMKID that didn't match");
+
 			/*
 			 * If the AP has a different PMKSA from ours and we
 			 * have means to create a new PMKSA through EAP then
@@ -974,7 +976,18 @@ static void eapol_handle_ptk_1_of_4(struct eapol_sm *sm,
 			if (sm->eap) {
 				send_eapol_start(NULL, sm);
 				return;
-			} else
+			}
+
+			/*
+			 * Some APs are known to send a PMKID KDE with all
+			 * zeros for the PMKID.  Likely we can still
+			 * successfully negotiate a handshake, so ignore this
+			 * for now and treat it as if the PMKID KDE was not
+			 * included
+			 */
+			if (util_mem_is_zero(pmkid, 16))
+				l_debug("PMKID is all zero, ignoring");
+			else
 				goto error_unspecified;
 		}
 	}