Home Explore Help
Register Sign In
wareck
/
krackattacks
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

MBO: Mandate use of PMF for WPA2+MBO association (STA)

If WPA2 is used, MBO AP must enable PMF. Refuse to select a BSS that has
MBO and WPA2 enabled without PMF.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen 9 years ago
parent
4c572281ed
commit
940491ce08
1 changed files with 10 additions and 0 deletions
Split View Show Diff Stats
  1. 10 0
      wpa_supplicant/events.c

+ 10 - 0
wpa_supplicant/events.c
View File 

@@ -574,6 +574,16 @@ static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s,
 
 				"   skip RSN IE - no mgmt frame protection enabled but AP requires it");
 
 			break;
 
 		}
 
+#ifdef CONFIG_MBO
 
+		if (!(ie.capabilities & WPA_CAPABILITY_MFPC) &&
 
+		    wpas_mbo_get_bss_attr(bss, MBO_ATTR_ID_AP_CAPA_IND) &&
 
+		    wpas_get_ssid_pmf(wpa_s, ssid) !=
 
+		    NO_MGMT_FRAME_PROTECTION) {
 
+			wpa_dbg(wpa_s, MSG_DEBUG,
 
+				"   skip RSN IE - no mgmt frame protection enabled on MBO AP");
 
+			break;
 
+		}
 
+#endif /* CONFIG_MBO */
 
 
 		wpa_dbg(wpa_s, MSG_DEBUG, "   selected based on RSN IE");
 
 		return 1;