colin/NetworkManager
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

core: fix WPA2 fallback for WPA3 transition APs

Browse Source 
When connecting to an AP configured for WPA3 transition mode, the
connection will fail if PMF is disabled on the client due to SAE and
FT-SAE being unconditionally added to the key_mgmt variable's
parameters.

By removing the "!is_ap ||" check, SAE and FT-SAE will no longer be
selected when PMF is disabled, allowing clients to connect via
WPA2/PSK mode as per the original intent of
a0988868ba.

Signed-off-by: Conn O'Griofa <connogriofa@gmail.com>
This commit is contained in:
Conn O'Griofa
2025-05-11 23:21:30 +01:00
committed by Beniamino Galvani
parent eac9f828e8
commit b00c6749d7
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/core/supplicant/nm-supplicant-config.c
View File

@@ -1012,7 +1012,7 @@ nm_supplicant_config_add_setting_wireless_security(NMSupplicantConfig
if (_get_capability(priv, NM_SUPPL_CAP_TYPE_SAE)
&& _get_capability(priv, NM_SUPPL_CAP_TYPE_PMF)
&& _get_capability(priv, NM_SUPPL_CAP_TYPE_BIP)
&& (!is_ap || pmf != NM_SETTING_WIRELESS_SECURITY_PMF_DISABLE)) {
&& (pmf != NM_SETTING_WIRELESS_SECURITY_PMF_DISABLE)) {
g_string_append(key_mgmt_conf, " SAE");
if (!is_ap && _get_capability(priv, NM_SUPPL_CAP_TYPE_FT))
g_string_append(key_mgmt_conf, " FT-SAE");