common: Allow WPA_CIPHER_GTK_NOT_USED as a valid group management cipher

PASN authentication requires that group management cipher suite would be set to 00-0F-AC:7 in the RSNE, so consider it as a valid group management cipher and adjust the code accordingly. Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2020-12-16 13:00:16 +02:00 · 2020-12-16 13:00:16 +02:00 · 019507e10e
commit 019507e10e
parent 2447212214
2 changed files with 5 additions and 2 deletions
--- a/src/common/wpa_common.c
+++ b/src/common/wpa_common.c
@ -1216,7 +1216,8 @@ int wpa_cipher_valid_group(int cipher)
 int wpa_cipher_valid_mgmt_group(int cipher)
 {
-	return cipher == WPA_CIPHER_AES_128_CMAC ||
+	return cipher == WPA_CIPHER_GTK_NOT_USED ||
 		cipher == WPA_CIPHER_AES_128_CMAC ||
 		cipher == WPA_CIPHER_BIP_GMAC_128 ||
 		cipher == WPA_CIPHER_BIP_GMAC_256 ||
 		cipher == WPA_CIPHER_BIP_CMAC_256;
--- a/src/rsn_supp/wpa.c
+++ b/src/rsn_supp/wpa.c
@ -1306,7 +1306,8 @@ static int ieee80211w_set_keys(struct wpa_sm *sm,
 {
 	size_t len;
-	if (!wpa_cipher_valid_mgmt_group(sm->mgmt_group_cipher))
+	if (!wpa_cipher_valid_mgmt_group(sm->mgmt_group_cipher) ||
 	    sm->mgmt_group_cipher == WPA_CIPHER_GTK_NOT_USED)
 		return 0;
 	if (ie->igtk) {
@ -1665,6 +1666,7 @@ static void wpa_supplicant_process_3_of_4(struct wpa_sm *sm,
 	}
 	if (ie.igtk &&
 	    sm->mgmt_group_cipher != WPA_CIPHER_GTK_NOT_USED &&
 	    wpa_cipher_valid_mgmt_group(sm->mgmt_group_cipher) &&
 	    ie.igtk_len != WPA_IGTK_KDE_PREFIX_LEN +
 	    (unsigned int) wpa_cipher_key_len(sm->mgmt_group_cipher)) {