Fix MFP-enabled test for disallowed TKIP

The test against use of TKIP was done only in MFP-required
(ieee80211w=2) configuration. Fix this to check the pairwise cipher for
MFP-enabled (ieee80211w=1) case as well.

Signed-off-by: Jouni Malinen <j@w1.fi>

diff --git a/src/ap/wpa_auth_ie.c b/src/ap/wpa_auth_ie.c
index 64dd78773317a5f00b1973699219abd993d960d3..c394293e8eb7b47960350b53d58e1d4b8c28e602 100644 (file)
--- a/src/ap/wpa_auth_ie.c
+++ b/src/ap/wpa_auth_ie.c
@@ -711,12 +711,6 @@ int wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth,
                        return WPA_MGMT_FRAME_PROTECTION_VIOLATION;
                }
 
-               if (ciphers & WPA_CIPHER_TKIP) {
-                       wpa_printf(MSG_DEBUG, "Management frame protection "
-                                  "cannot use TKIP");
-                       return WPA_MGMT_FRAME_PROTECTION_VIOLATION;
-               }
-
                if (data.mgmt_group_cipher != wpa_auth->conf.group_mgmt_cipher)
                {
                        wpa_printf(MSG_DEBUG, "Unsupported management group "
@@ -740,6 +734,12 @@ int wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth,
                sm->mgmt_frame_prot = 0;
        else
                sm->mgmt_frame_prot = 1;
+
+       if (sm->mgmt_frame_prot && (ciphers & WPA_CIPHER_TKIP)) {
+                   wpa_printf(MSG_DEBUG,
+                              "Management frame protection cannot use TKIP");
+                   return WPA_MGMT_FRAME_PROTECTION_VIOLATION;
+       }
 #endif /* CONFIG_IEEE80211W */
 
 #ifdef CONFIG_IEEE80211R_AP