ft: make Authenticate OCVC settable by caller

The FT-over-DS action stage builds an FT-Request which contains an
RSNE. Since FT-over-DS will not support OCV add a boolean to
ft_build_authenticate_ies so the OCVC bit can be disabled rather
than relying on the handshake setting.

src/ft.c

@@ -805,7 +805,7 @@ static bool ft_over_ds_start(struct auth_proto *ap)
 	return ft_tx_reassociate(ft) == 0;
 }
 
-bool ft_build_authenticate_ies(struct handshake_state *hs,
+bool ft_build_authenticate_ies(struct handshake_state *hs, bool ocvc,
 				const uint8_t *new_snonce, uint8_t *buf,
 				size_t *len)
 {
@@ -834,6 +834,7 @@ bool ft_build_authenticate_ies(struct handshake_state *hs,
 
 		rsn_info.num_pmkids = 1;
 		rsn_info.pmkids = hs->pmk_r0_name;
+		rsn_info.ocvc = ocvc;
 
 		ie_build_rsne(&rsn_info, ptr);
 		ptr += ptr[1] + 2;
@@ -884,7 +885,8 @@ static bool ft_start(struct auth_proto *ap)
 	uint8_t buf[512];
 	size_t len;
 
-	if (!ft_build_authenticate_ies(hs, hs->snonce, buf, &len))
+	if (!ft_build_authenticate_ies(hs, hs->supplicant_ocvc, hs->snonce,
+					buf, &len))
 		return false;
 
 	iov.iov_base = buf;

src/ft.h

@@ -44,7 +44,7 @@ struct ft_ds_info {
 
 void ft_ds_info_free(struct ft_ds_info *info);
 
-bool ft_build_authenticate_ies(struct handshake_state *hs,
+bool ft_build_authenticate_ies(struct handshake_state *hs, bool ocvc,
 				const uint8_t *new_snonce, uint8_t *buf,
 				size_t *len);
 

src/netdev.c

@@ -4400,7 +4400,9 @@ int netdev_fast_transition_over_ds_action(struct netdev *netdev,
 	iovs[0].iov_base = ft_req;
 	iovs[0].iov_len = sizeof(ft_req);
 
-	if (!ft_build_authenticate_ies(hs, info->super.snonce, buf, &len))
+
+	if (!ft_build_authenticate_ies(hs, false, info->super.snonce,
+						buf, &len))
 		goto failed;
 
 	iovs[1].iov_base = buf;