From cf94626c5064431fee624b357ca33174d96eb95b Mon Sep 17 00:00:00 2001
From: Purushottam Kushwaha <pkushwah@codeaurora.org>
Date: Tue, 18 Sep 2018 16:34:09 +0530
Subject: [PATCH] OWE: Do not try to enable PMF for non-RSN associations

Explicitly set the PMF configuration to 0 (NO_MGMT_FRAME_PROTECTION) for
non-RSN associations. This specifically helps with OWE transition mode
when the network block is configured with PMF set to required, but the
BSS selected is in open mode. There is no point to try to enable PMF for
such an association.

This fixes issues with drivers that use the NL80211_ATTR_USE_MFP
attribute to set expectations for PMF use. The combination of non-RSN
connection with claimed requirement for PMF (NL80211_MFP_REQUIRED) could
cause such drivers to reject the connection in OWE transition mode.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
---
 wpa_supplicant/wpa_supplicant.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c
index 218023832..4531c62a7 100644
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -3075,6 +3075,11 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
 				"MFP: require MFP");
 			params.mgmt_frame_protection =
 				MGMT_FRAME_PROTECTION_REQUIRED;
+#ifdef CONFIG_OWE
+		} else if (!rsn && (ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
+			   !ssid->owe_only) {
+			params.mgmt_frame_protection = NO_MGMT_FRAME_PROTECTION;
+#endif /* CONFIG_OWE */
 		}
 	}
 #endif /* CONFIG_IEEE80211W */