SAE: Clear rejected groups list on continuous failures

author Jouni Malinen <j@w1.fi>

Sun, 7 Jul 2024 08:52:36 +0000 (11:52 +0300)

committer Jouni Malinen <j@w1.fi>

Sun, 7 Jul 2024 08:58:18 +0000 (11:58 +0300)
author Jouni Malinen <j@w1.fi>
Sun, 7 Jul 2024 08:52:36 +0000 (11:52 +0300)
committer Jouni Malinen <j@w1.fi>
Sun, 7 Jul 2024 08:58:18 +0000 (11:58 +0300)
diff --git a/wpa_supplicant/sme.c b/wpa_supplicant/sme.c

index 906fa1036a55fcd3b309b62a65ee630932a37c3d..0700ae61db6f89296ec6c7e3d1379b8f25eb20bc 100644 (file)
--- a/wpa_supplicant/sme.c
+++ b/wpa_supplicant/sme.c
@@ -2015,6 +2015,12 @@ void sme_event_auth(struct wpa_supplicant *wpa_s, union wpa_event_data *data)
                                                NULL);
                         wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
  
+                       if (wpa_s->sme.sae_rejected_groups &&
+                           ssid->disabled_until.sec) {
+                               wpa_printf(MSG_DEBUG,
+                                          "SME: Clear SAE state with rejected groups due to continuous failures");
+                               wpa_s_clear_sae_rejected(wpa_s);
+                       }
                 }
                 if (res != 1)
                         return;
diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c

index 1b5a26090bfff6f83911a77f3272d9262bae21b3..6df13739b5015aa72eed0b5aa8b813bc8b0267fe 100644 (file)
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -2444,7 +2444,7 @@ void wpa_s_setup_sae_pt(struct wpa_config *conf, struct wpa_ssid *ssid,
  }
  
  
-static void wpa_s_clear_sae_rejected(struct wpa_supplicant *wpa_s)
+void wpa_s_clear_sae_rejected(struct wpa_supplicant *wpa_s)
  {
  #if defined(CONFIG_SAE) && defined(CONFIG_SME)
         os_free(wpa_s->sme.sae_rejected_groups);
diff --git a/wpa_supplicant/wpa_supplicant_i.h b/wpa_supplicant/wpa_supplicant_i.h

index 426d077d2f1620adb47f5636f77ea93ef807bb04..7a128622522149a81bc6928260bfcecf7765a200 100644 (file)
--- a/wpa_supplicant/wpa_supplicant_i.h
+++ b/wpa_supplicant/wpa_supplicant_i.h
@@ -1893,6 +1893,7 @@ int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid);
  int pmf_in_use(struct wpa_supplicant *wpa_s, const u8 *addr);
  void wpa_s_setup_sae_pt(struct wpa_config *conf, struct wpa_ssid *ssid,
                         bool force);
+void wpa_s_clear_sae_rejected(struct wpa_supplicant *wpa_s);
  
  bool wpas_is_sae_avoided(struct wpa_supplicant *wpa_s,
                         struct wpa_ssid *ssid,
author	Jouni Malinen <j@w1.fi>
	Sun, 7 Jul 2024 08:52:36 +0000 (11:52 +0300)
committer	Jouni Malinen <j@w1.fi>
	Sun, 7 Jul 2024 08:58:18 +0000 (11:58 +0300)
wpa_supplicant/sme.c		patch \| blob \| blame \| history
wpa_supplicant/wpa_supplicant.c		patch \| blob \| blame \| history
wpa_supplicant/wpa_supplicant_i.h		patch \| blob \| blame \| history