From: Ainy Kumari Date: Thu, 4 Sep 2025 08:22:07 +0000 (+0530) Subject: nl80211: Fix handling of highest supported authentication algorithm X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8d1c62f078bac211f62e4d57a55c7567b71bcfed;p=thirdparty%2Fhostap.git nl80211: Fix handling of highest supported authentication algorithm NL80211_AUTHTYPE_MAX represents the highest valid authentication algorithm enum value, not an invalid or out-of-range value. The previous logic for auth type boundary check incorrectly treats this value as invalid, resulting in failures when the highest supported authentication type is used during authentication frame exchange. To fix this, update the validation logic to correctly recognize all defined authentication algorithm enum values, including the last one, and only reject values outside the defined range. Fixes: 3c67e977dec5 ("nl80211: Add support to send updated connection parameters") Signed-off-by: Ainy Kumari --- diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index 5fb4529e5..8a007698b 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -4108,7 +4108,7 @@ static enum nl80211_auth_type get_nl_auth_type(int wpa_auth_alg) if (wpa_auth_alg & WPA_AUTH_ALG_FILS_SK_PFS) return NL80211_AUTHTYPE_FILS_SK_PFS; - return NL80211_AUTHTYPE_MAX; + return NL80211_AUTHTYPE_MAX + 1; } @@ -4231,7 +4231,7 @@ retry: } type = get_nl_auth_type(params->auth_alg); wpa_printf(MSG_DEBUG, " * Auth Type %d", type); - if (type == NL80211_AUTHTYPE_MAX || + if (type > NL80211_AUTHTYPE_MAX || nla_put_u32(msg, NL80211_ATTR_AUTH_TYPE, type)) goto fail; if (params->local_state_change) { @@ -7396,7 +7396,7 @@ static int wpa_driver_nl80211_try_connect( type = get_nl_auth_type(params->auth_alg); wpa_printf(MSG_DEBUG, " * Auth Type %d", type); - if (type == NL80211_AUTHTYPE_MAX || + if (type > NL80211_AUTHTYPE_MAX || nla_put_u32(msg, NL80211_ATTR_AUTH_TYPE, type)) goto fail; @@ -14455,7 +14455,7 @@ static int nl80211_update_connection_params( if (mask & WPA_DRV_UPDATE_AUTH_TYPE) { type = get_nl_auth_type(params->auth_alg); - if (type == NL80211_AUTHTYPE_MAX || + if (type > NL80211_AUTHTYPE_MAX || nla_put_u32(msg, NL80211_ATTR_AUTH_TYPE, type)) goto fail; wpa_printf(MSG_DEBUG, " * Auth Type %d", type);