WPS: Do not advertise WPA/WPA2-Enterprise Auth Type Flags

While the device itself may support WPA/WPA2-Enterprise, enrollment of
credentials for EAP authentication is not supported through WPS. As
such, there is no need to claim support for these capabilities within
WPS information.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

diff --git a/src/wps/wps_attr_build.c b/src/wps/wps_attr_build.c
index 62d0feb..c7e1cbb 100644 (file)
--- a/src/wps/wps_attr_build.c
+++ b/src/wps/wps_attr_build.c
@@ -296,6 +296,9 @@ int wps_build_registrar_nonce(struct wps_data *wps, struct wpabuf *msg)
 int wps_build_auth_type_flags(struct wps_data *wps, struct wpabuf *msg)
 {
        u16 auth_types = WPS_AUTH_TYPES;
+       /* WPA/WPA2-Enterprise enrollment not supported through WPS */
+       auth_types &= ~WPS_AUTH_WPA;
+       auth_types &= ~WPS_AUTH_WPA2;
 #ifdef CONFIG_WPS2
        auth_types &= ~WPS_AUTH_SHARED;
 #endif /* CONFIG_WPS2 */