diff options
| author | Hai Shalom <haishalom@google.com> | 2019-04-17 15:33:02 -0700 |
|---|---|---|
| committer | Hai Shalom <haishalom@google.com> | 2019-04-17 16:27:59 -0700 |
| commit | cffde1c721e11a486d5191fe35430d642759881e (patch) | |
| tree | 0c243547ca0241864622355afe9b2824b528c0fc /service | |
| parent | 84e590ea26498f9a1baa1ec1ee711dd31952fc74 (diff) | |
[WPA2-Enterprise] Avoid disabling PMF, allow using global value (capable)
Bug: 130753077
Test: Connect to WPA3-Enterprise
Test: Connect to WPA3-Personal
Test: Connect to WPA2-Personal
Test: atest SupplicantStaNetworkHalTest
Change-Id: If5f216f6947fe4b5b86681a6004ea252c399045d
Diffstat (limited to 'service')
| -rw-r--r-- | service/java/com/android/server/wifi/SupplicantStaNetworkHal.java | 16 |
1 files changed, 12 insertions, 4 deletions
diff --git a/service/java/com/android/server/wifi/SupplicantStaNetworkHal.java b/service/java/com/android/server/wifi/SupplicantStaNetworkHal.java index 87a96ce98..059ea797c 100644 --- a/service/java/com/android/server/wifi/SupplicantStaNetworkHal.java +++ b/service/java/com/android/server/wifi/SupplicantStaNetworkHal.java @@ -339,11 +339,19 @@ public class SupplicantStaNetworkHal { Log.e(TAG, config.SSID + ": failed to set hiddenSSID: " + config.hiddenSSID); return false; } - + // The logic below is skipping WPA2-Enterprise explicit setting of PMF to disabled + // in order to allow connection to networks with PMF required. Skipping means that + // wpa_supplicant will use the global setting (optional/capable). + // TODO(b/130755779): A permanent fix should convert requirePMF to a tri-state variablbe + boolean wpa2EnterpriseSkipPmf = !config.requirePMF + && (config.allowedKeyManagement.get(WifiConfiguration.KeyMgmt.WPA_EAP) + || config.allowedKeyManagement.get(WifiConfiguration.KeyMgmt.IEEE8021X)); /** RequirePMF */ - if (!setRequirePmf(config.requirePMF)) { - Log.e(TAG, config.SSID + ": failed to set requirePMF: " + config.requirePMF); - return false; + if (!wpa2EnterpriseSkipPmf) { + if (!setRequirePmf(config.requirePMF)) { + Log.e(TAG, config.SSID + ": failed to set requirePMF: " + config.requirePMF); + return false; + } } /** Key Management Scheme */ if (config.allowedKeyManagement.cardinality() != 0) { |