AP: Only include SAE H2E BSS membership selector if SAE is required
authorBenjamin Berg <benjamin.berg@intel.com>
Wed, 8 Jan 2025 09:10:29 +0000 (10:10 +0100)
committerJouni Malinen <j@w1.fi>
Sun, 26 Jan 2025 19:47:37 +0000 (21:47 +0200)
Including a BSS membership selector mandates the STA not to try to
connect in case it does not implement the indicated feature. However, in
the case of SAE H2E this may not be a hard requirement if the STA is
permitted to use a non-SAE AKM as well.

Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Reviewed-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
src/ap/ieee802_11.c
src/common/defs.h

index bcc3556712cfcac0d2317e1c449f09c180325ca2..ec1437c1ebb6451805b8f6885ff4b018891752e2 100644 (file)
@@ -139,7 +139,7 @@ u8 * hostapd_eid_supp_rates(struct hostapd_data *hapd, u8 *eid)
        h2e_required = (hapd->conf->sae_pwe == SAE_PWE_HASH_TO_ELEMENT ||
                        hostapd_sae_pw_id_in_use(hapd->conf) == 2) &&
                hapd->conf->sae_pwe != SAE_PWE_FORCE_HUNT_AND_PECK &&
-               wpa_key_mgmt_sae(hapd->conf->wpa_key_mgmt);
+               wpa_key_mgmt_only_sae(hapd->conf->wpa_key_mgmt);
        if (h2e_required)
                num++;
        if (num > 8) {
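Review bot: Nothing at the changed line of the `h2e_required` assignment records why a mixed-AKM configuration now omits the H2E selector, and the same uncommented change is made in hostapd_eid_ext_supp_rates in the next hunk. A short comment above each assignment would carry the rationale from the commit message into the code, for example `/* Advertise the H2E-only selector only when every enabled AKM is SAE; otherwise a STA without H2E may still use a non-SAE AKM */`. The selector only tells the STA not to try, so with it gone in mixed mode the AP presumably has to reject hunting-and-pecking SAE commits itself when `sae_pwe` demands H2E. That enforcement is outside this diff and worth confirming for the mixed case. Both function bodies continue outside their hunks.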
@@ -206,7 +206,7 @@ u8 * hostapd_eid_ext_supp_rates(struct hostapd_data *hapd, u8 *eid)
        h2e_required = (hapd->conf->sae_pwe == SAE_PWE_HASH_TO_ELEMENT ||
                        hostapd_sae_pw_id_in_use(hapd->conf) == 2) &&
                hapd->conf->sae_pwe != SAE_PWE_FORCE_HUNT_AND_PECK &&
-               wpa_key_mgmt_sae(hapd->conf->wpa_key_mgmt);
+               wpa_key_mgmt_only_sae(hapd->conf->wpa_key_mgmt);
        if (h2e_required)
                num++;
        if (num <= 8)
index f58977039dc1a394e67ea86023936e31633b1727..650e66d1ce8ac74ff8ecb0e5bd139e4ee44ac931 100644 (file)
@@ -129,6 +129,15 @@ static inline int wpa_key_mgmt_sae_ext_key(int akm)
                         WPA_KEY_MGMT_FT_SAE_EXT_KEY));
 }
 
+static inline int wpa_key_mgmt_only_sae(int akm)
+{
+       return wpa_key_mgmt_sae(akm) &&
+               !(akm & ~(WPA_KEY_MGMT_SAE |
+                         WPA_KEY_MGMT_SAE_EXT_KEY |
+                         WPA_KEY_MGMT_FT_SAE |
+                         WPA_KEY_MGMT_FT_SAE_EXT_KEY));
+}
+
 static inline int wpa_key_mgmt_fils(int akm)
 {
        return !!(akm & (WPA_KEY_MGMT_FILS_SHA256 |
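Review bot: The mask in `wpa_key_mgmt_only_sae()` hard-codes the four SAE AKM bits separately from whatever set `wpa_key_mgmt_sae()` tests, whose body is above this hunk and not visible here, so the two lists can drift apart. If an SAE AKM were later added to `wpa_key_mgmt_sae()` but not to this mask, a pure-SAE configuration using it would return 0 and the AP would silently stop advertising the H2E-only selector. A comment on the new helper such as `/* Non-zero only if every AKM bit set in akm is an SAE variant; keep mask in sync with wpa_key_mgmt_sae() */` would document the contract. Defining one shared SAE mask macro for both helpers would remove the duplication.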