git.ipfire.org Git - thirdparty/hostap.git/commit

author	Vamsi Krishna <vamsin@codeaurora.org>
	Wed, 11 Sep 2019 10:35:22 +0000 (16:05 +0530)
committer	Jouni Malinen <j@w1.fi>
	Fri, 20 Sep 2019 21:58:33 +0000 (00:58 +0300)
commit	2e06cef80a228b30dd55e64bdd8c92ebf4050ffb
tree	f1842f84d5827a4e71798afcdd6b1ef18ce2d424	tree \| snapshot
parent	722c7d1958d97345c8a52343fc4289daee6236d4	commit \| diff

MBO/OCE: Work around misbehaving MBO/OCE APs that use RSN without PMF

The MBO and OCE specification require the station to mandate use of PMF
when connecting to an MBO/OCE AP that uses WPA2. The earlier
implementation prevented such misbehaving APs from being selected for
connection completely. This looks like the safest approach to take, but
unfortunately, there are deployed APs that are not compliant with the
MBO/OCE requirements and this strict interpretation of the station
requirements results in interoperability issues by preventing the
association completely.

Relax the approach by allowing noncompliant MBO/OCE APs to be selected
for RSN connection without PMF to avoid the main impact of this
interoperability issue. However, disable MBO/OCE functionality when PMF
cannot be negotiated to try to be as compliant as practical with the
MBO/OCE tech spec requirements (i.e., stop being an MBO/OCE STA for the
duration of such workaround association). Also disable support for BTM
in this workaround state since MBO would expect all BTM frames to be
protected.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>

wpa_supplicant/events.c		diff \| blob \| blame \| history
wpa_supplicant/mbo.c		diff \| blob \| blame \| history
wpa_supplicant/sme.c		diff \| blob \| blame \| history
wpa_supplicant/wnm_sta.c		diff \| blob \| blame \| history
wpa_supplicant/wpa_supplicant.c		diff \| blob \| blame \| history
wpa_supplicant/wpa_supplicant_i.h		diff \| blob \| blame \| history