From 3790f3a6eeba0ec828d32ab7ce8eb8f85cc72f19 Mon Sep 17 00:00:00 2001 From: Veerendranath Jakkam Date: Wed, 22 Apr 2020 12:54:35 +0530 Subject: [PATCH] Use per-interface type driver key_mgmt capabilities when possible Use key_mgmt_iftype instead of key_mgmt when the specific interface type is known by the context of the operation. Use per interface type AKM capabilities in capa.key_mgmt_iftype array based on the wpa_supplicant context instead of using capa.key_mgmt to determine the driver AKM capability. Signed-off-by: Veerendranath Jakkam --- wpa_supplicant/dpp_supplicant.c | 3 ++- wpa_supplicant/interworking.c | 3 ++- wpa_supplicant/wps_supplicant.c | 6 +++++- 3 files changed, 9 insertions(+), 3 deletions(-) diff --git a/wpa_supplicant/dpp_supplicant.c b/wpa_supplicant/dpp_supplicant.c index b9b882bf2..a41b3f5c0 100644 --- a/wpa_supplicant/dpp_supplicant.c +++ b/wpa_supplicant/dpp_supplicant.c @@ -1136,7 +1136,8 @@ static struct wpa_ssid * wpas_dpp_add_network(struct wpa_supplicant *wpa_s, res = wpa_drv_get_capa(wpa_s, &capa); if (res == 0 && - !(capa.key_mgmt & WPA_DRIVER_CAPA_KEY_MGMT_SAE) && + !(capa.key_mgmt_iftype[WPA_IF_STATION] & + WPA_DRIVER_CAPA_KEY_MGMT_SAE) && !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE)) { wpa_printf(MSG_DEBUG, "DPP: SAE not supported by the driver"); diff --git a/wpa_supplicant/interworking.c b/wpa_supplicant/interworking.c index c48525cec..a380123b3 100644 --- a/wpa_supplicant/interworking.c +++ b/wpa_supplicant/interworking.c @@ -946,7 +946,8 @@ static int interworking_set_hs20_params(struct wpa_supplicant *wpa_s, struct wpa_driver_capa capa; res = wpa_drv_get_capa(wpa_s, &capa); - if (res == 0 && capa.key_mgmt & WPA_DRIVER_CAPA_KEY_MGMT_FT) { + if (res == 0 && capa.key_mgmt_iftype[WPA_IF_STATION] & + WPA_DRIVER_CAPA_KEY_MGMT_FT) { key_mgmt = wpa_s->conf->pmf != NO_MGMT_FRAME_PROTECTION ? "WPA-EAP WPA-EAP-SHA256 FT-EAP" : "WPA-EAP FT-EAP"; diff --git a/wpa_supplicant/wps_supplicant.c b/wpa_supplicant/wps_supplicant.c index b160fd0d4..b7680f088 100644 --- a/wpa_supplicant/wps_supplicant.c +++ b/wpa_supplicant/wps_supplicant.c @@ -188,6 +188,7 @@ static void wpas_wps_security_workaround(struct wpa_supplicant *wpa_s, const u8 *ie; struct wpa_ie_data adv; int wpa2 = 0, ccmp = 0; + enum wpa_driver_if_type iftype; /* * Many existing WPS APs do not know how to negotiate WPA2 or CCMP in @@ -239,9 +240,12 @@ static void wpas_wps_security_workaround(struct wpa_supplicant *wpa_s, return; } + iftype = ssid->p2p_group ? WPA_IF_P2P_CLIENT : WPA_IF_STATION; + if (ccmp && !(ssid->pairwise_cipher & WPA_CIPHER_CCMP) && (ssid->pairwise_cipher & WPA_CIPHER_TKIP) && - (capa.key_mgmt & WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK)) { + (capa.key_mgmt_iftype[iftype] & + WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK)) { wpa_printf(MSG_DEBUG, "WPS: Add CCMP into the credential " "based on scan results"); if (wpa_s->conf->ap_scan == 1)