From a3f7e5186be7160057916b3aa6c08c0d4569039f Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Wed, 15 Aug 2012 19:34:04 +0300 Subject: [PATCH] Allow non-WPA IEEE 802.1X to be select even if WPA is also enabled If key_mgmt was set to allow both WPA and non-WPA IEEE 802.1X (i.e., to IEEE8021X WPA-EAP), non-WPA IEEE 802.1X was rejected while preparing association parameters. Allow this special case to be handled by selecting non-WPA case if the scan results for the AP do not include either WPA or RSN elements. Signed-hostap: Jouni Malinen --- wpa_supplicant/events.c | 6 ++++++ wpa_supplicant/sme.c | 9 +++++++++ wpa_supplicant/wpa_supplicant.c | 10 ++++++++++ 3 files changed, 25 insertions(+) diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c index 5b706705e..0c5c07c9f 100644 --- a/wpa_supplicant/events.c +++ b/wpa_supplicant/events.c @@ -448,6 +448,12 @@ static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s, return 1; } + if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && !wpa_ie && + !rsn_ie) { + wpa_dbg(wpa_s, MSG_DEBUG, " allow for non-WPA IEEE 802.1X"); + return 1; + } + if ((ssid->proto & (WPA_PROTO_WPA | WPA_PROTO_RSN)) && wpa_key_mgmt_wpa(ssid->key_mgmt) && proto_match == 0) { wpa_dbg(wpa_s, MSG_DEBUG, " skip - no WPA/RSN proto match"); diff --git a/wpa_supplicant/sme.c b/wpa_supplicant/sme.c index 31491e5b1..b09e5f180 100644 --- a/wpa_supplicant/sme.c +++ b/wpa_supplicant/sme.c @@ -127,6 +127,15 @@ void sme_authenticate(struct wpa_supplicant *wpa_s, "key management and encryption suites"); return; } + } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && + wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) { + /* + * Both WPA and non-WPA IEEE 802.1X enabled in configuration - + * use non-WPA since the scan results did not indicate that the + * AP is using WPA or WPA2. + */ + wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); + wpa_s->sme.assoc_req_ie_len = 0; } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) { wpa_s->sme.assoc_req_ie_len = sizeof(wpa_s->sme.assoc_req_ie); if (wpa_supplicant_set_suites(wpa_s, NULL, ssid, diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c index 9a4257050..99454c407 100644 --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c @@ -1309,6 +1309,16 @@ void wpa_supplicant_associate(struct wpa_supplicant *wpa_s, "key management and encryption suites"); return; } + } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss && + wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) { + /* + * Both WPA and non-WPA IEEE 802.1X enabled in configuration - + * use non-WPA since the scan results did not indicate that the + * AP is using WPA or WPA2. + */ + wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); + wpa_ie_len = 0; + wpa_s->wpa_proto = 0; } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) { wpa_ie_len = sizeof(wpa_ie); if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,