From cffde1c721e11a486d5191fe35430d642759881e Mon Sep 17 00:00:00 2001 From: Hai Shalom Date: Wed, 17 Apr 2019 15:33:02 -0700 Subject: [WPA2-Enterprise] Avoid disabling PMF, allow using global value (capable) Bug: 130753077 Test: Connect to WPA3-Enterprise Test: Connect to WPA3-Personal Test: Connect to WPA2-Personal Test: atest SupplicantStaNetworkHalTest Change-Id: If5f216f6947fe4b5b86681a6004ea252c399045d --- .../com/android/server/wifi/SupplicantStaNetworkHal.java | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) (limited to 'service') diff --git a/service/java/com/android/server/wifi/SupplicantStaNetworkHal.java b/service/java/com/android/server/wifi/SupplicantStaNetworkHal.java index 87a96ce98..059ea797c 100644 --- a/service/java/com/android/server/wifi/SupplicantStaNetworkHal.java +++ b/service/java/com/android/server/wifi/SupplicantStaNetworkHal.java @@ -339,11 +339,19 @@ public class SupplicantStaNetworkHal { Log.e(TAG, config.SSID + ": failed to set hiddenSSID: " + config.hiddenSSID); return false; } - + // The logic below is skipping WPA2-Enterprise explicit setting of PMF to disabled + // in order to allow connection to networks with PMF required. Skipping means that + // wpa_supplicant will use the global setting (optional/capable). + // TODO(b/130755779): A permanent fix should convert requirePMF to a tri-state variablbe + boolean wpa2EnterpriseSkipPmf = !config.requirePMF + && (config.allowedKeyManagement.get(WifiConfiguration.KeyMgmt.WPA_EAP) + || config.allowedKeyManagement.get(WifiConfiguration.KeyMgmt.IEEE8021X)); /** RequirePMF */ - if (!setRequirePmf(config.requirePMF)) { - Log.e(TAG, config.SSID + ": failed to set requirePMF: " + config.requirePMF); - return false; + if (!wpa2EnterpriseSkipPmf) { + if (!setRequirePmf(config.requirePMF)) { + Log.e(TAG, config.SSID + ": failed to set requirePMF: " + config.requirePMF); + return false; + } } /** Key Management Scheme */ if (config.allowedKeyManagement.cardinality() != 0) { -- cgit v1.2.3