SAE H2E: Fix validation of rejected groups list

check_sae_rejected_groups() returns 1, not -1, in case an enabled group
is rejected. The previous check for < 0 could not have ever triggered.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
Jouni Malinen 2019-12-07 00:28:13 +02:00 committed by Jouni Malinen
parent b834e97003
commit c88e01e1b6
2 changed files with 2 additions and 2 deletions

View file

@ -1280,7 +1280,7 @@ static void handle_auth_sae(struct hostapd_data *hapd, struct sta_info *sta,
if (sta->sae->tmp &&
check_sae_rejected_groups(
hapd, sta->sae->tmp->peer_rejected_groups) < 0) {
hapd, sta->sae->tmp->peer_rejected_groups)) {
resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
goto remove_sta;
}

View file

@ -1263,7 +1263,7 @@ static int sme_sae_auth(struct wpa_supplicant *wpa_s, u16 auth_transaction,
if (wpa_s->sme.sae.tmp &&
sme_check_sae_rejected_groups(
wpa_s,
wpa_s->sme.sae.tmp->peer_rejected_groups) < 0)
wpa_s->sme.sae.tmp->peer_rejected_groups))
return -1;
if (sae_process_commit(&wpa_s->sme.sae) < 0) {