From 1317ea2c0e500057275bff32a58b05c4dce2405d Mon Sep 17 00:00:00 2001 From: Sunil Dutt Date: Mon, 8 Jul 2019 19:42:12 +0530 Subject: [PATCH] nl80211: Allow external auth based on SAE/FT-SAE key mgmt In the SME-in-driver case, wpa_supplicant used only the selected SAE auth_alg value as the trigger for enabling external authentication support for SAE. This prevented the driver from falling back to full SAE authentication if PMKSA caching was attempted (Open auth_alg selected) and the cached PMKID had been dropped. Enable external auth based on SAE/FT-SAE key_mgmt, rather than doing this based on SAE auth_alg, so that the driver can go through full SAE authentication in cases where PMKSA caching is attempted and it fails. Signed-off-by: Jouni Malinen --- src/drivers/driver_nl80211.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index 56810a7f1..6d88f786e 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -5762,7 +5762,8 @@ static int nl80211_connect_common(struct wpa_driver_nl80211_data *drv, nl80211_put_fils_connect_params(drv, params, msg) != 0) return -1; - if ((params->auth_alg & WPA_AUTH_ALG_SAE) && + if ((params->key_mgmt_suite == WPA_KEY_MGMT_SAE || + params->key_mgmt_suite == WPA_KEY_MGMT_FT_SAE) && (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME)) && nla_put_flag(msg, NL80211_ATTR_EXTERNAL_AUTH_SUPPORT)) return -1; @@ -5917,7 +5918,8 @@ static int wpa_driver_nl80211_associate( if (wpa_driver_nl80211_set_mode(priv, nlmode) < 0) return -1; - if (params->auth_alg & WPA_AUTH_ALG_SAE) { + if (params->key_mgmt_suite == WPA_KEY_MGMT_SAE || + params->key_mgmt_suite == WPA_KEY_MGMT_FT_SAE) { nl_connect = bss->nl_connect; bss->use_nl_connect = 1; } else {