common: Allow WPA_CIPHER_GTK_NOT_USED as a valid group management cipher

PASN authentication requires that group management cipher suite
would be set to 00-0F-AC:7 in the RSNE, so consider it as a valid
group management cipher and adjust the code accordingly.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>

diff --git a/src/common/wpa_common.c b/src/common/wpa_common.c
index 82a5a174fefc77a7cfcad5da7432fd600c7f7870..3d04650d329917c2ab64f9513a13ed7ea3b154d3 100644 (file)
--- a/src/common/wpa_common.c
+++ b/src/common/wpa_common.c
@@ -1216,7 +1216,8 @@ int wpa_cipher_valid_group(int cipher)
 
 int wpa_cipher_valid_mgmt_group(int cipher)
 {
-       return cipher == WPA_CIPHER_AES_128_CMAC ||
+       return cipher == WPA_CIPHER_GTK_NOT_USED ||
+               cipher == WPA_CIPHER_AES_128_CMAC ||
                cipher == WPA_CIPHER_BIP_GMAC_128 ||
                cipher == WPA_CIPHER_BIP_GMAC_256 ||
                cipher == WPA_CIPHER_BIP_CMAC_256;

diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c
index e07527ba57c55d264dcdea038652beb3e4e053a9..834658324ee4608b87b81f87fcae329a91b62ec5 100644 (file)
--- a/src/rsn_supp/wpa.c
+++ b/src/rsn_supp/wpa.c
@@ -1306,7 +1306,8 @@ static int ieee80211w_set_keys(struct wpa_sm *sm,
 {
        size_t len;
 
-       if (!wpa_cipher_valid_mgmt_group(sm->mgmt_group_cipher))
+       if (!wpa_cipher_valid_mgmt_group(sm->mgmt_group_cipher) ||
+           sm->mgmt_group_cipher == WPA_CIPHER_GTK_NOT_USED)
                return 0;
 
        if (ie->igtk) {
@@ -1665,6 +1666,7 @@ static void wpa_supplicant_process_3_of_4(struct wpa_sm *sm,
        }
 
        if (ie.igtk &&
+           sm->mgmt_group_cipher != WPA_CIPHER_GTK_NOT_USED &&
            wpa_cipher_valid_mgmt_group(sm->mgmt_group_cipher) &&
            ie.igtk_len != WPA_IGTK_KDE_PREFIX_LEN +
            (unsigned int) wpa_cipher_key_len(sm->mgmt_group_cipher)) {