jeltz/hostap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

MBO: Mandate use of PMF for WPA2+MBO association (STA)

Browse source 
If WPA2 is used, MBO AP must enable PMF. Refuse to select a BSS that has
MBO and WPA2 enabled without PMF.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
Jouni Malinen 2016-02-22 16:46:29 +02:00 committed by Jouni Malinen
parent 4c572281ed
commit 940491ce08
1 changed files with 10 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
wpa_supplicant/events.c
View file

@ -574,6 +574,16 @@ static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s,
" skip RSN IE - no mgmt frame protection enabled but AP requires it"); " skip RSN IE - no mgmt frame protection enabled but AP requires it");
break; break;
} }
#ifdef CONFIG_MBO
if (!(ie.capabilities & WPA_CAPABILITY_MFPC) &&
wpas_mbo_get_bss_attr(bss, MBO_ATTR_ID_AP_CAPA_IND) &&
wpas_get_ssid_pmf(wpa_s, ssid) !=
NO_MGMT_FRAME_PROTECTION) {
wpa_dbg(wpa_s, MSG_DEBUG,
" skip RSN IE - no mgmt frame protection enabled on MBO AP");
break;
}
#endif /* CONFIG_MBO */
wpa_dbg(wpa_s, MSG_DEBUG, " selected based on RSN IE"); wpa_dbg(wpa_s, MSG_DEBUG, " selected based on RSN IE");
return 1; return 1;