mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2025-01-18 10:54:03 -05:00
DPP: Support DPP and SAE in the same network profile
Make both DPP and SAE code aware of the cases where the same network profile is configured to enable both DPP and SAE. Prefer DPP over SAE in such cases and start DPP/SAE exchanges based on what both the station and the AP support. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
parent
9305c2332b
commit
dd6c598007
@ -2356,9 +2356,15 @@ int wpas_dpp_check_connect(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
|
||||
struct os_time now;
|
||||
struct wpabuf *msg;
|
||||
unsigned int wait_time;
|
||||
const u8 *rsn;
|
||||
struct wpa_ie_data ied;
|
||||
|
||||
if (!(ssid->key_mgmt & WPA_KEY_MGMT_DPP) || !bss)
|
||||
return 0; /* Not using DPP AKM - continue */
|
||||
rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
|
||||
if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ied) == 0 &&
|
||||
!(ied.key_mgmt & WPA_KEY_MGMT_DPP))
|
||||
return 0; /* AP does not support DPP AKM - continue */
|
||||
if (wpa_sm_pmksa_exists(wpa_s->wpa, bss->bssid, ssid))
|
||||
return 0; /* PMKSA exists for DPP AKM - continue */
|
||||
|
||||
|
@ -313,6 +313,12 @@ static void sme_send_authentication(struct wpa_supplicant *wpa_s,
|
||||
if (!rsn) {
|
||||
wpa_dbg(wpa_s, MSG_DEBUG,
|
||||
"SAE enabled, but target BSS does not advertise RSN");
|
||||
#ifdef CONFIG_DPP
|
||||
} else if (wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ied) == 0 &&
|
||||
(ssid->key_mgmt & WPA_KEY_MGMT_DPP) &&
|
||||
(ied.key_mgmt & WPA_KEY_MGMT_DPP)) {
|
||||
wpa_dbg(wpa_s, MSG_DEBUG, "Prefer DPP over SAE when both are enabled");
|
||||
#endif /* CONFIG_DPP */
|
||||
} else if (wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ied) == 0 &&
|
||||
wpa_key_mgmt_sae(ied.key_mgmt)) {
|
||||
wpa_dbg(wpa_s, MSG_DEBUG, "Using SAE auth_alg");
|
||||
|
@ -1454,6 +1454,11 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
|
||||
wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
|
||||
wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
|
||||
#endif /* CONFIG_IEEE80211R */
|
||||
#ifdef CONFIG_DPP
|
||||
} else if (sel & WPA_KEY_MGMT_DPP) {
|
||||
wpa_s->key_mgmt = WPA_KEY_MGMT_DPP;
|
||||
wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT DPP");
|
||||
#endif /* CONFIG_DPP */
|
||||
#ifdef CONFIG_SAE
|
||||
} else if (sel & WPA_KEY_MGMT_SAE) {
|
||||
wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
|
||||
@ -1491,11 +1496,6 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
|
||||
wpa_s->key_mgmt = WPA_KEY_MGMT_OWE;
|
||||
wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT OWE");
|
||||
#endif /* CONFIG_OWE */
|
||||
#ifdef CONFIG_DPP
|
||||
} else if (sel & WPA_KEY_MGMT_DPP) {
|
||||
wpa_s->key_mgmt = WPA_KEY_MGMT_DPP;
|
||||
wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT DPP");
|
||||
#endif /* CONFIG_DPP */
|
||||
} else {
|
||||
wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
|
||||
"authenticated key management type");
|
||||
@ -1548,7 +1548,13 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
|
||||
if (0) {
|
||||
#ifdef CONFIG_DPP
|
||||
} else if (wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) {
|
||||
/* Use PMK from DPP network introduction (PMKSA entry) */
|
||||
wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
|
||||
#endif /* CONFIG_DPP */
|
||||
} else if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
|
||||
int psk_set = 0;
|
||||
int sae_only;
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user