From: Sunil Dutt <usdutt@qti.qualcomm.com>
Date: Sat, 30 Apr 2016 09:52:36 +0000 (+0530)
Subject: Skip connection attempt for non-RSN networks if PMF is set to required
X-Git-Tag: hostap_2_6~510
X-Git-Url: http://www.project-moonshot.org/gitweb/?p=mech_eap.git;a=commitdiff_plain;h=03626e9157f6c4685f15c05ed439f4fdb0359bc8

Skip connection attempt for non-RSN networks if PMF is set to required

Since ieee80211w=2 is an explicit configuration to wpa_supplicant, the
connection attempt for such non-PMF (non-RSN) capable networks should be
skipped.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
---

diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c
index f9b9cd6..6139033 100644
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
@@ -594,6 +594,14 @@ static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s,
 		return 1;
 	}
 
+#ifdef CONFIG_IEEE80211W
+	if (wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
+		wpa_dbg(wpa_s, MSG_DEBUG,
+			"   skip - MFP Required but network not MFP Capable");
+		return 0;
+	}
+#endif /* CONFIG_IEEE80211W */
+
 	wpa_ie = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
 	while ((ssid->proto & WPA_PROTO_WPA) && wpa_ie) {
 		proto_match++;