| Message ID | 20240921063303.2369547-1-matthewmwang@google.com |
|---|---|
| State | Changes Requested |
| Headers | show |
| Series | Filter MLD APs | expand |
On Sat, Sep 21, 2024 at 06:33:03AM +0000, Matthew Wang wrote:
> MLD APs require MFPC and disallow PSK key managements.
There has been a number of deployed "pre Wi-Fi 7" APs that enable MLO
with WPA2-Personal and without PMF. As such, this change would seem to
cause inconvenient user experience and no way of working around that
regardless of whether the local device even supports MLO. In practice,
the most convenient approach for this seems to be to allow the
connection, but disable MLO if PMF cannot be negotiated.
IEEE P802.11be/D7.0 does not actually disallow PSK AKMs for EHT cases.
Such a requirement comes from WFA for Wi-Fi 7. I don't think
wpa_supplicant should be trying to enforce this taken into account those
early deployed APs that are known to use WPA2-Personal with MLO.
diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c index 90e1c7b9f..035b37888 100644 --- a/wpa_supplicant/events.c +++ b/wpa_supplicant/events.c @@ -744,16 +744,16 @@ static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s, break; } - if (is_6ghz_bss) { - /* MFPC must be supported on 6 GHz */ + if (is_6ghz_bss || !is_zero_ether_addr(bss->mld_addr)) { + /* MFPC must be supported on 6 GHz and MLD */ if (!(ie.capabilities & WPA_CAPABILITY_MFPC)) { if (debug_print) wpa_dbg(wpa_s, MSG_DEBUG, - " skip RSNE - 6 GHz without MFPC"); + " skip RSNE - 6 GHz/MLD without MFPC"); break; } - /* WPA PSK is not allowed on the 6 GHz band */ + /* WPA PSK is not allowed on the 6 GHz band or MLD */ ie.key_mgmt &= ~(WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_FT_PSK | WPA_KEY_MGMT_PSK_SHA256);
MLD APs require MFPC and disallow PSK key managements. Signed-off-by: Matthew Wang <matthewmwang@chromium.org> --- wpa_supplicant/events.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-)