wext: Fix non-WPA/WPA2 connection with extra IEs

The associate() handler was not prepared for params->wpa_ie containing
some other IEs than WPA/RSN IE and ended up configuring security policy
incorrectly for open networks if such IEs were present. Fix this by
using wpa_proto parameter instead of IEs to determine security policy
for driver configuration.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

diff --git a/src/drivers/driver_wext.c b/src/drivers/driver_wext.c
index 428808d7cdbd1b4b560789c8996caf7804e2d0e2..1e531b7977978a874a11ac978ecb3eae9c5e5cf4 100644 (file)
--- a/src/drivers/driver_wext.c
+++ b/src/drivers/driver_wext.c
@@ -2061,12 +2061,12 @@ int wpa_driver_wext_associate(void *priv,
        if (wpa_driver_wext_set_gen_ie(drv, params->wpa_ie, params->wpa_ie_len)
            < 0)
                ret = -1;
-       if (params->wpa_ie == NULL || params->wpa_ie_len == 0)
-               value = IW_AUTH_WPA_VERSION_DISABLED;
-       else if (params->wpa_ie[0] == WLAN_EID_RSN)
+       if (params->wpa_proto & WPA_PROTO_RSN)
                value = IW_AUTH_WPA_VERSION_WPA2;
-       else
+       else if (params->wpa_proto & WPA_PROTO_WPA)
                value = IW_AUTH_WPA_VERSION_WPA;
+       else
+               value = IW_AUTH_WPA_VERSION_DISABLED;
        if (wpa_driver_wext_set_auth_param(drv,
                                           IW_AUTH_WPA_VERSION, value) < 0)
                ret = -1;
@@ -2085,7 +2085,7 @@ int wpa_driver_wext_associate(void *priv,
        value = params->key_mgmt_suite != WPA_KEY_MGMT_NONE ||
                params->pairwise_suite != WPA_CIPHER_NONE ||
                params->group_suite != WPA_CIPHER_NONE ||
-               params->wpa_ie_len;
+               (params->wpa_proto & (WPA_PROTO_RSN | WPA_PROTO_WPA));
        if (wpa_driver_wext_set_auth_param(drv,
                                           IW_AUTH_PRIVACY_INVOKED, value) < 0)
                ret = -1;