DPP: Require PMF when profile is for SAE without PSK
While the IEEE 802.11 standard does not require MFPR=1, WPA3-Personal requires PMF to be used with SAE. Use the stronger MFPR=1 configuration for SAE-without-PSK case, i.e., interpret that as "WPA3-Personal only" configuration. Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
This commit is contained in:
parent
db46138de4
commit
2b972a35b3
1 changed files with 4 additions and 1 deletions
|
@ -1338,7 +1338,10 @@ static struct wpa_ssid * wpas_dpp_add_network(struct wpa_supplicant *wpa_s,
|
||||||
if (dpp_akm_sae(conf->akm))
|
if (dpp_akm_sae(conf->akm))
|
||||||
ssid->key_mgmt |= WPA_KEY_MGMT_SAE |
|
ssid->key_mgmt |= WPA_KEY_MGMT_SAE |
|
||||||
WPA_KEY_MGMT_FT_SAE;
|
WPA_KEY_MGMT_FT_SAE;
|
||||||
ssid->ieee80211w = MGMT_FRAME_PROTECTION_OPTIONAL;
|
if (dpp_akm_psk(conf->akm))
|
||||||
|
ssid->ieee80211w = MGMT_FRAME_PROTECTION_OPTIONAL;
|
||||||
|
else
|
||||||
|
ssid->ieee80211w = MGMT_FRAME_PROTECTION_REQUIRED;
|
||||||
if (conf->passphrase[0]) {
|
if (conf->passphrase[0]) {
|
||||||
if (wpa_config_set_quoted(ssid, "psk",
|
if (wpa_config_set_quoted(ssid, "psk",
|
||||||
conf->passphrase) < 0)
|
conf->passphrase) < 0)
|
||||||
|
|
Loading…
Reference in a new issue