nl80211: Allow external auth based on SAE/FT-SAE key mgmt
In the SME-in-driver case, wpa_supplicant used only the selected SAE auth_alg value as the trigger for enabling external authentication support for SAE. This prevented the driver from falling back to full SAE authentication if PMKSA caching was attempted (Open auth_alg selected) and the cached PMKID had been dropped. Enable external auth based on SAE/FT-SAE key_mgmt, rather than doing this based on SAE auth_alg, so that the driver can go through full SAE authentication in cases where PMKSA caching is attempted and it fails. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
parent
cdb5774f42
commit
1317ea2c0e
1 changed files with 4 additions and 2 deletions
|
@ -5762,7 +5762,8 @@ static int nl80211_connect_common(struct wpa_driver_nl80211_data *drv,
|
||||||
nl80211_put_fils_connect_params(drv, params, msg) != 0)
|
nl80211_put_fils_connect_params(drv, params, msg) != 0)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
if ((params->auth_alg & WPA_AUTH_ALG_SAE) &&
|
if ((params->key_mgmt_suite == WPA_KEY_MGMT_SAE ||
|
||||||
|
params->key_mgmt_suite == WPA_KEY_MGMT_FT_SAE) &&
|
||||||
(!(drv->capa.flags & WPA_DRIVER_FLAGS_SME)) &&
|
(!(drv->capa.flags & WPA_DRIVER_FLAGS_SME)) &&
|
||||||
nla_put_flag(msg, NL80211_ATTR_EXTERNAL_AUTH_SUPPORT))
|
nla_put_flag(msg, NL80211_ATTR_EXTERNAL_AUTH_SUPPORT))
|
||||||
return -1;
|
return -1;
|
||||||
|
@ -5917,7 +5918,8 @@ static int wpa_driver_nl80211_associate(
|
||||||
|
|
||||||
if (wpa_driver_nl80211_set_mode(priv, nlmode) < 0)
|
if (wpa_driver_nl80211_set_mode(priv, nlmode) < 0)
|
||||||
return -1;
|
return -1;
|
||||||
if (params->auth_alg & WPA_AUTH_ALG_SAE) {
|
if (params->key_mgmt_suite == WPA_KEY_MGMT_SAE ||
|
||||||
|
params->key_mgmt_suite == WPA_KEY_MGMT_FT_SAE) {
|
||||||
nl_connect = bss->nl_connect;
|
nl_connect = bss->nl_connect;
|
||||||
bss->use_nl_connect = 1;
|
bss->use_nl_connect = 1;
|
||||||
} else {
|
} else {
|
||||||
|
|
Loading…
Reference in a new issue