Kernel/iwd
3
0
Fork 0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2025-02-01 22:34:07 +01:00
Code Releases Activity

wiphy: ensure CCMP support when considering SAE

Browse Source
This commit is contained in:
Denis Kenzior 2021-07-05 19:53:52 -05:00
parent e4d007e14f
commit 667023b01b
1 changed files with 18 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
src/wiphy.c
View File

@ -130,6 +130,24 @@ enum ie_rsn_cipher_suite wiphy_select_cipher(struct wiphy *wiphy, uint16_t mask)
static bool wiphy_can_connect_sae(struct wiphy *wiphy)
{
/*
* WPA3 Specification version 3, Section 2.2:
* A STA shall not enable WEP and TKIP
*/
if (!(wiphy->supported_ciphers & IE_RSN_CIPHER_SUITE_CCMP)) {
l_debug("HW not CCMP capable, can't use SAE");
return false;
}
/*
* WPA3 Specification version 3, Section 2.3:
* A STA shall negotiate PMF when associating to an AP using SAE
*/
if (!(wiphy->supported_ciphers & IE_RSN_CIPHER_SUITE_BIP)) {
l_debug("HW not MFP capable, can't use SAE");
return false;
}
/*
* SAE support in the kernel is a complete mess in that there are 3
* different ways the hardware can support SAE:
@ -232,12 +250,6 @@ enum ie_rsn_akm_suite wiphy_select_akm(struct wiphy *wiphy,
if (ie_rsne_is_wpa3_personal(&info)) {
l_debug("Network is WPA3-Personal...");
if (!(wiphy->supported_ciphers &
IE_RSN_CIPHER_SUITE_BIP)) {
l_debug("HW not MFP capable, trying WPA2");
goto wpa2_personal;
}
if (!wiphy_can_connect_sae(wiphy))
goto wpa2_personal;