SAE-PK: Allow SAE-PK password to be set using the psk parameter

Only the sae_password parameter was previously accepted for SAE-PK use.
That is not sufficient for covering mixed SAE+PSK cases. Extend this by
allowing the psk parameter to be used as well just like it can be used
for SAE without SAE-PK.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>

diff --git a/wpa_supplicant/sme.c b/wpa_supplicant/sme.c
index f45bab27ab59341900911b91430b4e7633495c3d..c761fdad196e86de8d14f6e01030b9f2e8b5b733 100644 (file)
--- a/wpa_supplicant/sme.c
+++ b/wpa_supplicant/sme.c
@@ -151,7 +151,10 @@ static struct wpabuf * sme_auth_build_sae_commit(struct wpa_supplicant *wpa_s,
 #ifdef CONFIG_SAE_PK
        if ((rsnxe_capa & BIT(WLAN_RSNX_CAPAB_SAE_PK)) &&
            ssid->sae_pk != SAE_PK_MODE_DISABLED &&
-           ssid->sae_password && sae_pk_valid_password(ssid->sae_password)) {
+           ((ssid->sae_password &&
+             sae_pk_valid_password(ssid->sae_password)) ||
+            (!ssid->sae_password && ssid->passphrase &&
+             sae_pk_valid_password(ssid->passphrase)))) {
                use_pt = 1;
                use_pk = true;
        }

diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c
index 51e5321e00182c2a210b1076e02a2a7d5045423c..6eb09f4962f1c35eb0e8e7ced2f1eec3912388c8 100644 (file)
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -1643,8 +1643,10 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
        wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SAE_PK,
                         wpa_key_mgmt_sae(ssid->key_mgmt) &&
                         ssid->sae_pk != SAE_PK_MODE_DISABLED &&
-                        ssid->sae_password &&
-                        sae_pk_valid_password(ssid->sae_password));
+                        ((ssid->sae_password &&
+                          sae_pk_valid_password(ssid->sae_password)) ||
+                         (!ssid->sae_password && ssid->passphrase &&
+                          sae_pk_valid_password(ssid->passphrase))));
 #endif /* CONFIG_SAE_PK */
 #ifdef CONFIG_TESTING_OPTIONS
        wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_FT_RSNXE_USED,