wpa_supplicant: Do not select a rejected SAE group

Make sure that sme_set_sae_group() doesn't select a group that was
previously rejected during this instance of SAE authentication.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>

diff --git a/wpa_supplicant/sme.c b/wpa_supplicant/sme.c
index 2abc3eab86c194a4bb065309753a195da0f779d3..1b05de0662da742c0fd4e0cfe188aea24a2c4eb5 100644 (file)
--- a/wpa_supplicant/sme.c
+++ b/wpa_supplicant/sme.c
@@ -71,7 +71,9 @@ static int sme_set_sae_group(struct wpa_supplicant *wpa_s, bool external)
                int group = groups[wpa_s->sme.sae_group_index];
                if (group <= 0)
                        break;
-               if (sae_set_group(&wpa_s->sme.sae, group) == 0) {
+               if (!int_array_includes(wpa_s->sme.sae_rejected_groups,
+                                       group) &&
+                   sae_set_group(&wpa_s->sme.sae, group) == 0) {
                        wpa_dbg(wpa_s, MSG_DEBUG, "SME: Selected SAE group %d",
                                wpa_s->sme.sae.group);
                        wpa_s->sme.sae.akmp = external ?