DGNum/hostapd
6
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

DPP: Do not restrict SAE password length on Enrollee

Browse source 
The restriction of the passphrase length to 8..63 characters is only
applicable for WPA2-Personal (PSK). Remove this constraint when
processing a configuration object that includes SAE without PSK.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
This commit is contained in:
Jouni Malinen 2024-08-22 11:25:54 +03:00 committed by Jouni Malinen
parent 503e22025b
commit 882bd2edd5
2 changed files with 11 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
src/common/dpp.c
View file

@ -2565,8 +2565,12 @@ static int dpp_parse_cred_legacy(struct dpp_config_obj *conf,
wpa_hexdump_ascii_key(MSG_DEBUG, "DPP: Legacy passphrase",
pass->string, len);
if (len < 8 || len > 63)
if (dpp_akm_psk(conf->akm) && (len < 8 || len > 63)) {
wpa_printf(MSG_DEBUG,
"DPP: Unexpected pass length %zu for a config object that includes PSK",
len);
return -1;
}
os_strlcpy(conf->passphrase, pass->string,
sizeof(conf->passphrase));
} else if (psk_hex && psk_hex->type == JSON_STRING) {

7
wpa_supplicant/dpp_supplicant.c
View file

@ -1475,12 +1475,17 @@ static struct wpa_ssid * wpas_dpp_add_network(struct wpa_supplicant *wpa_s,
ssid->ieee80211w = MGMT_FRAME_PROTECTION_OPTIONAL;
else
ssid->ieee80211w = MGMT_FRAME_PROTECTION_REQUIRED;
if (conf->passphrase[0]) {
if (conf->passphrase[0] && dpp_akm_psk(conf->akm)) {
if (wpa_config_set_quoted(ssid, "psk",
conf->passphrase) < 0)
goto fail;
wpa_config_update_psk(ssid);
ssid->export_keys = 1;
} else if (conf->passphrase[0] && dpp_akm_sae(conf->akm)) {
if (wpa_config_set_quoted(ssid, "sae_password",
conf->passphrase) < 0)
goto fail;
ssid->export_keys = 1;
} else {
ssid->psk_set = conf->psk_set;
os_memcpy(ssid->psk, conf->psk, PMK_LEN);