From: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
Date: Tue, 13 Aug 2024 17:32:55 +0000 (+0530)
Subject: RSNO: Skip validating RSN Override elements with MLO when RSN overriding not used
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=bbb55af8c34cc2976442e998801dd7125d9b77d6;p=thirdparty%2Fhostap.git

RSNO: Skip validating RSN Override elements with MLO when RSN overriding not used

STA needs to skip validating RSN Override elements when RSN overriding
is not used since AP will not send RSN Override elements in EAPOL-Key
message 3/4. This is handled correctly in non-MLO case but in MLO case
wpa_supplicant always validates RSN Override link KDEs. Fix validating
RSN Override elements in MLO case as well.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
---

diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c
index 52a4c7442..67bfe7f60 100644
--- a/src/rsn_supp/wpa.c
+++ b/src/rsn_supp/wpa.c
@@ -2500,26 +2500,6 @@ static int wpa_supplicant_validate_link_kde(struct wpa_sm *sm, u8 link_id,
 		rsnxe_len = rsnxe[1] + 2;
 	}
 
-	if (rsn_override_link_kde) {
-		rsnoe = get_vendor_ie(rsn_override_link_kde + 1,
-				      rsn_override_link_kde_len - 1,
-				      RSNE_OVERRIDE_IE_VENDOR_TYPE);
-		if (rsnoe)
-			rsnoe_len = 2 + rsnoe[1];
-
-		rsno2e = get_vendor_ie(rsn_override_link_kde + 1,
-				       rsn_override_link_kde_len - 1,
-				       RSNE_OVERRIDE_2_IE_VENDOR_TYPE);
-		if (rsno2e)
-			rsno2e_len = 2 + rsno2e[1];
-
-		rsnxoe = get_vendor_ie(rsn_override_link_kde + 1,
-				       rsn_override_link_kde_len - 1,
-				       RSNXE_OVERRIDE_IE_VENDOR_TYPE);
-		if (rsnxoe)
-			rsnxoe_len = 2 + rsnxoe[1];
-	}
-
 	if (wpa_compare_rsn_ie(wpa_key_mgmt_ft(sm->key_mgmt),
 			       sm->mlo.links[link_id].ap_rsne,
 			       sm->mlo.links[link_id].ap_rsne_len,
@@ -2552,6 +2532,29 @@ static int wpa_supplicant_validate_link_kde(struct wpa_sm *sm, u8 link_id,
 		goto fail;
 	}
 
+	if (sm->rsn_override == RSN_OVERRIDE_NOT_USED)
+		return 0;
+
+	if (rsn_override_link_kde) {
+		rsnoe = get_vendor_ie(rsn_override_link_kde + 1,
+				      rsn_override_link_kde_len - 1,
+				      RSNE_OVERRIDE_IE_VENDOR_TYPE);
+		if (rsnoe)
+			rsnoe_len = 2 + rsnoe[1];
+
+		rsno2e = get_vendor_ie(rsn_override_link_kde + 1,
+				       rsn_override_link_kde_len - 1,
+				       RSNE_OVERRIDE_2_IE_VENDOR_TYPE);
+		if (rsno2e)
+			rsno2e_len = 2 + rsno2e[1];
+
+		rsnxoe = get_vendor_ie(rsn_override_link_kde + 1,
+				       rsn_override_link_kde_len - 1,
+				       RSNXE_OVERRIDE_IE_VENDOR_TYPE);
+		if (rsnxoe)
+			rsnxoe_len = 2 + rsnxoe[1];
+	}
+
 	if ((sm->mlo.links[link_id].ap_rsnoe && !rsnoe) ||
 	    (!sm->mlo.links[link_id].ap_rsnoe && rsnoe) ||
 	    (sm->mlo.links[link_id].ap_rsnoe && rsnoe &&