Re: [PATCH v2 2/3] nl80211: Allow SAE Authentication for NL80211_CMD_CONNECT

[Johannes Berg]

On Fri, 2017-12-22 at 18:33 +0200, Jouni Malinen wrote:
> From: Srinivas Dasari 
> 
> This commit allows SAE Authentication for NL80211_CMD_CONNECT
> interface, provided this is supported by the host driver.

Now this is interesting - there could potentially be a case where you
request SAE, but don't set NL80211_ATTR_EXTERNAL_AUTH_SUPP[ORT], and
then SAE *isn't* supported, right?

What happens then? Do we expect the driver to reject it? Better at
least document the expected behaviour...

johannes

[PATCH v2 2/3] nl80211: Allow SAE Authentication for NL80211_CMD_CONNECT

[Jouni Malinen]

From: Srinivas Dasari 

This commit allows SAE Authentication for NL80211_CMD_CONNECT
interface, provided this is supported by the host driver.

Signed-off-by: Srinivas Dasari 
Signed-off-by: Jouni Malinen 
---
 net/wireless/nl80211.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

v2:
- no changes; just rebased and included in the full patch series

diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
index 41a0373..ea36514 100644
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -3917,7 +3917,8 @@ static bool nl80211_valid_auth_type(struct 
cfg80211_registered_device *rdev,
return true;
case NL80211_CMD_CONNECT:
/* SAE not supported yet */
-   if (auth_type == NL80211_AUTHTYPE_SAE)
+   if (!(rdev->wiphy.features & NL80211_FEATURE_SAE) &&
+   auth_type == NL80211_AUTHTYPE_SAE)
return false;
/* FILS with SK PFS or PK not supported yet */
if (auth_type == NL80211_AUTHTYPE_FILS_SK_PFS ||
-- 
2.7.4