FT: Allow CCMP-256 and GCMP-256 as group ciphers
The FT-specific check for valid group cipher in wpa_ft_gen_req_ies() was not up-to-date with the current list of supported ciphers. Fix this by using a generic function to determine validity of the cipher. In practice, this adds support for using CCMP-256 and GCMP-256 as the group cipher with FT. Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
348bc4e0eb
commit
05a90d78dc
3 changed files with 3 additions and 4 deletions
|
@ -492,7 +492,7 @@ static int rsn_key_mgmt_to_bitfield(const u8 *s)
|
|||
}
|
||||
|
||||
|
||||
static int wpa_cipher_valid_group(int cipher)
|
||||
int wpa_cipher_valid_group(int cipher)
|
||||
{
|
||||
return wpa_cipher_valid_pairwise(cipher) ||
|
||||
cipher == WPA_CIPHER_GTK_NOT_USED;
|
||||
|
|
|
@ -435,6 +435,7 @@ int wpa_ft_parse_ies(const u8 *ies, size_t ies_len, struct wpa_ft_ies *parse);
|
|||
int wpa_cipher_key_len(int cipher);
|
||||
int wpa_cipher_rsc_len(int cipher);
|
||||
int wpa_cipher_to_alg(int cipher);
|
||||
int wpa_cipher_valid_group(int cipher);
|
||||
int wpa_cipher_valid_pairwise(int cipher);
|
||||
int wpa_cipher_valid_mgmt_group(int cipher);
|
||||
u32 wpa_cipher_to_suite(int proto, int cipher);
|
||||
|
|
|
@ -168,9 +168,7 @@ static u8 * wpa_ft_gen_req_ies(struct wpa_sm *sm, size_t *len,
|
|||
pos = (u8 *) (rsnie + 1);
|
||||
|
||||
/* Group Suite Selector */
|
||||
if (sm->group_cipher != WPA_CIPHER_CCMP &&
|
||||
sm->group_cipher != WPA_CIPHER_GCMP &&
|
||||
sm->group_cipher != WPA_CIPHER_TKIP) {
|
||||
if (!wpa_cipher_valid_group(sm->group_cipher)) {
|
||||
wpa_printf(MSG_WARNING, "FT: Invalid group cipher (%d)",
|
||||
sm->group_cipher);
|
||||
os_free(buf);
|
||||
|
|
Loading…
Reference in a new issue