Re: [PATCH] wifi: enable WPA-*-SHA256 AKMs only when the supplicant supports them

On 2018/01/18 05:52, Masashi Honma wrote:
On 2018/01/18 02:06, Beniamino Galvani wrote:
Commit 87ec5e90fe79 ("supplicant: set key_mgmt independent of pmf
value") enabled WPA-PSK-SHA256 or WPA-EAP-SHA256 even when the
supplicant didn't support them, potentially causing connection
failures.  Instead, use the 'pmf' capability to detect when they can
be enabled.

Fixes: 87ec5e90fe79fcb2ac315cf1604e757dcab60bb9


this patch fixes regressions discovered after the merge of FILS
patches by our nightly CI that runs on CentOS where wpa_supplicant is
compiled without 802.11w support.

This patch fixes those regression. Comments welcome.

I am sorry for regression...

Though indeed using pmf capability works, I think using key_mgmt
capability is better. I will try this at this week end.

By watching wpa_supplicant code, the pmf capability exists if and
only if WPA-PSK-SHA256 and WPA-EAP-SHA256 exists. So your patch
looks nice to me. Thanks !

Masashi Honma.

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]