FT: Remove optional fields from RSNE when using PMF

The PMKIDCount, PMKID List, and Group Management Cipher Suite fields are
optional to include in the RSNE in cases where these would not have
values that are different from the default values. In practice,
PMKIDCount is always 0 in Beacon and Probe Response frames, so the only
field of these that could have a non-default value is Group Management
Cipher Suite. When BIP is used, that field is not needed either due to
BIP being the default cipher when PMF is enabled.

Remove these fields from RSNE when BIP is used to save six octets in
Beacon and Probe Response frames. In addition to reduced frame length,
this is a workaround for interoperability issues with iOS 8.4 in cases
where FT and PMF are enabled. iOS seems to be rejecting EAPOL-Key msg
3/4 during FT initial mobility domain association if the RSNE includes
the PMKIDCount field.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
Jouni Malinen 2015-08-06 16:41:38 +03:00 committed by Jouni Malinen
parent 3fb62bdae9
commit 44fa5e747b

View file

@ -261,7 +261,8 @@ int wpa_write_rsn_ie(struct wpa_auth_config *conf, u8 *buf, size_t len,
} }
#ifdef CONFIG_IEEE80211W #ifdef CONFIG_IEEE80211W
if (conf->ieee80211w != NO_MGMT_FRAME_PROTECTION) { if (conf->ieee80211w != NO_MGMT_FRAME_PROTECTION &&
conf->group_mgmt_cipher != WPA_CIPHER_AES_128_CMAC) {
if (pos + 2 + 4 > buf + len) if (pos + 2 + 4 > buf + len)
return -1; return -1;
if (pmkid == NULL) { if (pmkid == NULL) {