From 03626e9157f6c4685f15c05ed439f4fdb0359bc8 Mon Sep 17 00:00:00 2001 From: Sunil Dutt Date: Sat, 30 Apr 2016 15:22:36 +0530 Subject: [PATCH] Skip connection attempt for non-RSN networks if PMF is set to required Since ieee80211w=2 is an explicit configuration to wpa_supplicant, the connection attempt for such non-PMF (non-RSN) capable networks should be skipped. Signed-off-by: Jouni Malinen --- wpa_supplicant/events.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c index f9b9cd667..61390335d 100644 --- a/wpa_supplicant/events.c +++ b/wpa_supplicant/events.c @@ -594,6 +594,14 @@ static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s, return 1; } +#ifdef CONFIG_IEEE80211W + if (wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) { + wpa_dbg(wpa_s, MSG_DEBUG, + " skip - MFP Required but network not MFP Capable"); + return 0; + } +#endif /* CONFIG_IEEE80211W */ + wpa_ie = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE); while ((ssid->proto & WPA_PROTO_WPA) && wpa_ie) { proto_match++;