From 5da3e1ca44896342eba3cd25eadc5e3e43d5b56e Mon Sep 17 00:00:00 2001
From: Sharadanand Karanjkar <skaranjkar@datto.com>
Date: Tue, 5 Apr 2022 15:51:18 +0200
Subject: [PATCH] mesh: Do not allow open mode key in 6 GHz

IEEE Std 802.11ax-2021, 12.12 explicitly disallows use of Open System
authentication without encryption on the 6 GHz band.

Signed-off-by: Sharadanand Karanjkar <skaranjkar@datto.com>
---
 wpa_supplicant/config_file.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/wpa_supplicant/config_file.c b/wpa_supplicant/config_file.c
index dbc04e13d..0b34229a5 100644
--- a/wpa_supplicant/config_file.c
+++ b/wpa_supplicant/config_file.c
@@ -53,6 +53,13 @@ static int wpa_config_validate_network(struct wpa_ssid *ssid, int line)
 		ssid->group_cipher &= ~WPA_CIPHER_CCMP;
 	}
 
+	if (is_6ghz_freq(ssid->frequency) && ssid->mode == WPAS_MODE_MESH &&
+	    ssid->key_mgmt == WPA_KEY_MGMT_NONE) {
+		wpa_printf(MSG_ERROR,
+			   "Line %d: key_mgmt for mesh network in 6 GHz should be SAE",
+			   line);
+		errors++;
+	}
 	if (ssid->mode == WPAS_MODE_MESH &&
 	    (ssid->key_mgmt != WPA_KEY_MGMT_NONE &&
 	    ssid->key_mgmt != WPA_KEY_MGMT_SAE)) {