Re: [PATCH] wifi: enable WPA-*-SHA256 AKMs only when the supplicant supports them

From: Masashi Honma <masashi honma gmail com>
To: Beniamino Galvani <bgalvani redhat com>, networkmanager-list gnome org
Subject: Re: [PATCH] wifi: enable WPA-*-SHA256 AKMs only when the supplicant supports them
Date: Sun, 21 Jan 2018 15:33:09 +0900

On 2018/01/18 05:52, Masashi Honma wrote:

On 2018/01/18 02:06, Beniamino Galvani wrote:

Commit 87ec5e90fe79 ("supplicant: set key_mgmt independent of pmf
value") enabled WPA-PSK-SHA256 or WPA-EAP-SHA256 even when the
supplicant didn't support them, potentially causing connection
failures.  Instead, use the 'pmf' capability to detect when they can
be enabled.

Fixes: 87ec5e90fe79fcb2ac315cf1604e757dcab60bb9
---

Hi,

this patch fixes regressions discovered after the merge of FILS
patches by our nightly CI that runs on CentOS where wpa_supplicant is
compiled without 802.11w support.

This patch fixes those regression. Comments welcome.

Hi,

I am sorry for regression...

Though indeed using pmf capability works, I think using key_mgmt
capability is better. I will try this at this week end.


By watching wpa_supplicant code, the pmf capability exists if and
only if WPA-PSK-SHA256 and WPA-EAP-SHA256 exists. So your patch
looks nice to me. Thanks !

Masashi Honma.

References:
- [PATCH v2 1/7] supplicant: set key_mgmt independent of pmf value
  - From: Masashi Honma
- [PATCH] wifi: enable WPA-*-SHA256 AKMs only when the supplicant supports them
  - From: Beniamino Galvani
- Re: [PATCH] wifi: enable WPA-*-SHA256 AKMs only when the supplicant supports them
  - From: Masashi Honma

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]