From 90e478aa0a1c2af5f12a09f1e77a640c850e3c13 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Wed, 23 Sep 2020 23:06:55 +0300 Subject: [PATCH] DPP2: Use the PFS fallback if multiple key_mgmt values are enabled Previously this fallback from PFS enabled to disabled (and back to enabled) was used only if the local network profile used key_mgmt=DPP, i.e., did not enable another other AKM. That leaves out some valid cases since the local network profile could actually enable both DPP and SAE. Extend this check to accept cases DPP AKM is enabled and it was selected for the connection even if there other enabled AKMs. Signed-off-by: Jouni Malinen --- wpa_supplicant/events.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c index 80b803f5c..15c572f11 100644 --- a/wpa_supplicant/events.c +++ b/wpa_supplicant/events.c @@ -4494,7 +4494,9 @@ static void wpas_event_assoc_reject(struct wpa_supplicant *wpa_s, * WLAN_STATUS_AKMP_NOT_VALID is addressed in the same manner as an * interoperability workaround with older hostapd implementation. */ if (DPP_VERSION > 1 && wpa_s->current_ssid && - wpa_s->current_ssid->key_mgmt == WPA_KEY_MGMT_DPP && + (wpa_s->current_ssid->key_mgmt == WPA_KEY_MGMT_DPP || + ((wpa_s->current_ssid->key_mgmt & WPA_KEY_MGMT_DPP) && + wpa_s->key_mgmt == WPA_KEY_MGMT_DPP)) && wpa_s->current_ssid->dpp_pfs == 0 && (data->assoc_reject.status_code == WLAN_STATUS_ASSOC_DENIED_UNSPEC ||