SAE H2E: Check H2E-only BSS membership selector only if SAE is enabled

This BSS membership selector has impact only for SAE functionality, so
ignore it when configured not to use SAE. This allows WPA-PSK connection
to and AP that advertises WPA-PSK and SAE while requiring H2E for SAE.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>

diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c
index 90138c60de01867c99ae74b93d34c859227f97a0..8f5b21a9fa2b2d3becfa95ebc5ea3ffabb96f5ca 100644 (file)
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
@@ -772,8 +772,8 @@ static int freq_allowed(int *freqs, int freq)
 }
 
 
-static int rate_match(struct wpa_supplicant *wpa_s, struct wpa_bss *bss,
-                     int debug_print)
+static int rate_match(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
+                     struct wpa_bss *bss, int debug_print)
 {
        const struct hostapd_hw_modes *mode = NULL, *modes;
        const u8 scan_ie[2] = { WLAN_EID_SUPP_RATES, WLAN_EID_EXT_SUPP_RATES };
@@ -853,7 +853,8 @@ static int rate_match(struct wpa_supplicant *wpa_s, struct wpa_bss *bss,
 #ifdef CONFIG_SAE
                        if (flagged && ((rate_ie[j] & 0x7f) ==
                                        BSS_MEMBERSHIP_SELECTOR_SAE_H2E_ONLY)) {
-                               if (wpa_s->conf->sae_pwe == 0) {
+                               if (wpa_s->conf->sae_pwe == 0 &&
+                                   wpa_key_mgmt_sae(ssid->key_mgmt)) {
                                        if (debug_print)
                                                wpa_dbg(wpa_s, MSG_DEBUG,
                                                        "   SAE H2E disabled");
@@ -1290,7 +1291,7 @@ struct wpa_ssid * wpa_scan_res_match(struct wpa_supplicant *wpa_s,
                }
 #endif /* CONFIG_MESH */
 
-               if (!rate_match(wpa_s, bss, debug_print)) {
+               if (!rate_match(wpa_s, ssid, bss, debug_print)) {
                        if (debug_print)
                                wpa_dbg(wpa_s, MSG_DEBUG,
                                        "   skip - rate sets do not match");