From 183e72ae1348fddbb2f90de23c8378cb7d6cba1d Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Mon, 19 Oct 2020 23:35:00 +0300 Subject: [PATCH] SAE-PK: Do not accept SAE-PK status code when no PK is configured Make sae_status_success() more explicit by rejecting SAE-PK status code when the AP is not configured with PK. Fixes: 20ccf97b3dc1 ("SAE-PK: AP functionality") Signed-off-by: Jouni Malinen --- src/ap/ieee802_11.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index 292393224..de715a04c 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -1149,6 +1149,7 @@ static int sae_status_success(struct hostapd_data *hapd, u16 status_code) { int sae_pwe = hapd->conf->sae_pwe; int id_in_use; + bool sae_pk = false; id_in_use = hostapd_sae_pw_id_in_use(hapd->conf); if (id_in_use == 2 && sae_pwe != 3) @@ -1156,7 +1157,8 @@ static int sae_status_success(struct hostapd_data *hapd, u16 status_code) else if (id_in_use == 1 && sae_pwe == 0) sae_pwe = 2; #ifdef CONFIG_SAE_PK - if (sae_pwe == 0 && hostapd_sae_pk_in_use(hapd->conf)) + sae_pk = hostapd_sae_pk_in_use(hapd->conf); + if (sae_pwe == 0 && sae_pk) sae_pwe = 2; #endif /* CONFIG_SAE_PK */ @@ -1164,11 +1166,11 @@ static int sae_status_success(struct hostapd_data *hapd, u16 status_code) status_code == WLAN_STATUS_SUCCESS) || (sae_pwe == 1 && (status_code == WLAN_STATUS_SAE_HASH_TO_ELEMENT || - status_code == WLAN_STATUS_SAE_PK)) || + (sae_pk && status_code == WLAN_STATUS_SAE_PK))) || (sae_pwe == 2 && (status_code == WLAN_STATUS_SUCCESS || status_code == WLAN_STATUS_SAE_HASH_TO_ELEMENT || - status_code == WLAN_STATUS_SAE_PK)); + (sae_pk && status_code == WLAN_STATUS_SAE_PK))); }