HS 2.0: Reject Hotspot 2.0 Rel 2 or newer association without PMF
Hotspot 2.0 Rel 2 requires PMF to be enabled. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
parent
c8f7a83c65
commit
f3784a6b94
1 changed files with 11 additions and 1 deletions
|
@ -2713,10 +2713,20 @@ static u16 check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta,
|
||||||
#ifdef CONFIG_HS20
|
#ifdef CONFIG_HS20
|
||||||
wpabuf_free(sta->hs20_ie);
|
wpabuf_free(sta->hs20_ie);
|
||||||
if (elems.hs20 && elems.hs20_len > 4) {
|
if (elems.hs20 && elems.hs20_len > 4) {
|
||||||
|
int release;
|
||||||
|
|
||||||
sta->hs20_ie = wpabuf_alloc_copy(elems.hs20 + 4,
|
sta->hs20_ie = wpabuf_alloc_copy(elems.hs20 + 4,
|
||||||
elems.hs20_len - 4);
|
elems.hs20_len - 4);
|
||||||
} else
|
release = ((elems.hs20[4] >> 4) & 0x0f) + 1;
|
||||||
|
if (release >= 2 && !wpa_auth_uses_mfp(sta->wpa_sm)) {
|
||||||
|
wpa_printf(MSG_DEBUG,
|
||||||
|
"HS 2.0: PMF not negotiated by release %d station "
|
||||||
|
MACSTR, release, MAC2STR(sta->addr));
|
||||||
|
return WLAN_STATUS_ROBUST_MGMT_FRAME_POLICY_VIOLATION;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
sta->hs20_ie = NULL;
|
sta->hs20_ie = NULL;
|
||||||
|
}
|
||||||
|
|
||||||
wpabuf_free(sta->roaming_consortium);
|
wpabuf_free(sta->roaming_consortium);
|
||||||
if (elems.roaming_cons_sel)
|
if (elems.roaming_cons_sel)
|
||||||
|
|
Loading…
Reference in a new issue