From d396b0aba9a8157a3367dc683937087dd9f14da1 Mon Sep 17 00:00:00 2001
From: Sunil Ravi <sunilravi@google.com>
Date: Mon, 7 Oct 2019 22:36:43 +0000
Subject: Revert "[WPA2-Enterprise] Avoid disabling PMF, allow using global
 value (capable)"

This reverts commit cffde1c721e11a486d5191fe35430d642759881e.

Reason for revert: With 5974d201189471be732f701ef33f10acc026084e, supplicant will takes care of enabling pmf if AP is PMF capable or PMF required.

Bug: 131267738, 140372352
Test: Regression test

Change-Id: I1362328b5fa55bc80cf7a6543b1d5d952deb0f65
Merged-In: I1362328b5fa55bc80cf7a6543b1d5d952deb0f65
---
 .../com/android/server/wifi/SupplicantStaNetworkHal.java | 16 ++++------------
 1 file changed, 4 insertions(+), 12 deletions(-)

(limited to 'service')

diff --git a/service/java/com/android/server/wifi/SupplicantStaNetworkHal.java b/service/java/com/android/server/wifi/SupplicantStaNetworkHal.java
index 9255fc231..dd56b5f57 100644
--- a/service/java/com/android/server/wifi/SupplicantStaNetworkHal.java
+++ b/service/java/com/android/server/wifi/SupplicantStaNetworkHal.java
@@ -339,19 +339,11 @@ public class SupplicantStaNetworkHal {
                 Log.e(TAG, config.SSID + ": failed to set hiddenSSID: " + config.hiddenSSID);
                 return false;
             }
-            // The logic below is skipping WPA2-Enterprise explicit setting of PMF to disabled
-            // in order to allow connection to networks with PMF required. Skipping means that
-            // wpa_supplicant will use the global setting (optional/capable).
-            // TODO(b/130755779): A permanent fix should convert requirePMF to a tri-state variablbe
-            boolean wpa2EnterpriseSkipPmf = !config.requirePMF
-                    && (config.allowedKeyManagement.get(WifiConfiguration.KeyMgmt.WPA_EAP)
-                    || config.allowedKeyManagement.get(WifiConfiguration.KeyMgmt.IEEE8021X));
+
             /** RequirePMF */
-            if (!wpa2EnterpriseSkipPmf) {
-                if (!setRequirePmf(config.requirePMF)) {
-                    Log.e(TAG, config.SSID + ": failed to set requirePMF: " + config.requirePMF);
-                    return false;
-                }
+            if (!setRequirePmf(config.requirePMF)) {
+                Log.e(TAG, config.SSID + ": failed to set requirePMF: " + config.requirePMF);
+                return false;
             }
             /** Key Management Scheme */
             if (config.allowedKeyManagement.cardinality() != 0) {
-- 
cgit v1.2.3