RSN: Do not allow connection to proceed without MFPC=1 if PMF required
authorJouni Malinen <jouni@codeaurora.org>
Fri, 16 Aug 2019 10:48:16 +0000 (13:48 +0300)
committerJouni Malinen <j@w1.fi>
Fri, 16 Aug 2019 10:48:16 +0000 (13:48 +0300)
PMF capability check is done as part of BSS selection routines, but
those are not used when going through the enforced roaming operation
("ROAM <BSSID>" control interface command). While that mechanism is
mainly for testing purposes, extend it to do the same check for PMF to
prevent cases where forced roaming could end up disabling PMF against
the local profile requirement.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
wpa_supplicant/wpa_supplicant.c

index 21ef6fad10523a102cbbc9dc66b7c807e82b25ee..d536be0a6d17710b4de5752867158ac18ef1e8b7 100644 (file)
@@ -1529,6 +1529,13 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
        wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
 
 #ifdef CONFIG_IEEE80211W
+       if (!(ie.capabilities & WPA_CAPABILITY_MFPC) &&
+           wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
+               wpa_msg(wpa_s, MSG_INFO,
+                       "RSN: Management frame protection required but the selected AP does not enable it");
+               return -1;
+       }
+
        sel = ie.mgmt_group_cipher;
        if (ssid->group_mgmt_cipher)
                sel &= ssid->group_mgmt_cipher;
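Review bot: The new guard in the `CONFIG_IEEE80211W` block trusts `ie.capabilities`, but `ie` is filled earlier in `wpa_supplicant_set_suites()`, outside this hunk, so it is worth confirming that every path reaching this point parsed `ie` from the selected AP's RSN element. If some path builds `ie` from the local profile instead (for example when no BSS entry is available), the capabilities field would presumably be zero and a PMF-required profile would always be rejected here with a message that blames the AP. The check also deserves a comment recording why it is repeated outside BSS selection, e.g. `/* BSS selection already enforces this, but ROAM <BSSID> bypasses it; re-check so forced roaming cannot drop PMF. */`. The function body starts and ends outside the hunk.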