Replace RSNE group key management mismatch status/reason codes

Use "cipher out of policy" value instead of invalid group cipher (which
is for the group data frame cipher) and management frame policy
violation (which is used for MFPC/MFPR mismatch).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>

diff --git a/src/ap/drv_callbacks.c b/src/ap/drv_callbacks.c
index 4858cd5dc2c04f69f433cffefae960fa97a0b30b..f81f640b08f8d30f5484be47d1a75bcc50d0bc73 100644 (file)
--- a/src/ap/drv_callbacks.c
+++ b/src/ap/drv_callbacks.c
@@ -319,8 +319,8 @@ int hostapd_notif_assoc(struct hostapd_data *hapd, const u8 *addr,
                                reason = WLAN_REASON_INVALID_IE;
                                status = WLAN_STATUS_INVALID_IE;
                        } else if (res == WPA_INVALID_MGMT_GROUP_CIPHER) {
-                               reason = WLAN_REASON_GROUP_CIPHER_NOT_VALID;
-                               status = WLAN_STATUS_GROUP_CIPHER_NOT_VALID;
+                               reason = WLAN_REASON_CIPHER_SUITE_REJECTED;
+                               status = WLAN_STATUS_CIPHER_REJECTED_PER_POLICY;
                        }
 #endif /* CONFIG_IEEE80211W */
                        else {

diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
index 27520fee561f61781a33d109e86aa477968925a7..89fe2796234680858c8c8be3ab9f037ec451869a 100644 (file)
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -1072,7 +1072,7 @@ static u16 wpa_res_to_status_code(int res)
        if (res == WPA_MGMT_FRAME_PROTECTION_VIOLATION)
                return WLAN_STATUS_ROBUST_MGMT_FRAME_POLICY_VIOLATION;
        if (res == WPA_INVALID_MGMT_GROUP_CIPHER)
-               return WLAN_STATUS_ROBUST_MGMT_FRAME_POLICY_VIOLATION;
+               return WLAN_STATUS_CIPHER_REJECTED_PER_POLICY;
 #endif /* CONFIG_IEEE80211W */
        if (res == WPA_INVALID_MDIE)
                return WLAN_STATUS_INVALID_MDIE;