From: Sharadanand Karanjkar <skaranjkar@datto.com>
Date: Tue, 5 Apr 2022 13:51:18 +0000 (+0200)
Subject: mesh: Do not allow open mode key in 6 GHz
X-Git-Tag: hostap_2_11~1453
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5da3e1ca44896342eba3cd25eadc5e3e43d5b56e;p=thirdparty%2Fhostap.git

mesh: Do not allow open mode key in 6 GHz

IEEE Std 802.11ax-2021, 12.12 explicitly disallows use of Open System
authentication without encryption on the 6 GHz band.

Signed-off-by: Sharadanand Karanjkar <skaranjkar@datto.com>
---

diff --git a/wpa_supplicant/config_file.c b/wpa_supplicant/config_file.c
index dbc04e13d..0b34229a5 100644
--- a/wpa_supplicant/config_file.c
+++ b/wpa_supplicant/config_file.c
@@ -53,6 +53,13 @@ static int wpa_config_validate_network(struct wpa_ssid *ssid, int line)
 		ssid->group_cipher &= ~WPA_CIPHER_CCMP;
 	}
 
+	if (is_6ghz_freq(ssid->frequency) && ssid->mode == WPAS_MODE_MESH &&
+	    ssid->key_mgmt == WPA_KEY_MGMT_NONE) {
+		wpa_printf(MSG_ERROR,
+			   "Line %d: key_mgmt for mesh network in 6 GHz should be SAE",
+			   line);
+		errors++;
+	}
 	if (ssid->mode == WPAS_MODE_MESH &&
 	    (ssid->key_mgmt != WPA_KEY_MGMT_NONE &&
 	    ssid->key_mgmt != WPA_KEY_MGMT_SAE)) {