[PATCH] Display error on SAE connection with incorrect key

"Jianling.Fu" <jianling.fu@xxxxxxxxxxxx> · Fri, 27 Oct 2023 15:34:32 +0800

If a failure occurs at sae "auth confirm" step,
the most probable cause is an error related to the key.
Correspondingly, in the case of handling SME in wpa_supplicant,
a similar way to internally trigger an association reject
event is used. We do this through calling sme_event_assoc_reject
to trigger upper layer processing with the WRONG_PASSWORD event.

Signed-off-by: Jianling.Fu <jianling.fu@xxxxxxxxxxxx>
---
 wpa_supplicant/sme.c | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/wpa_supplicant/sme.c b/wpa_supplicant/sme.c
index bb04652f5..fdd8b331c 100644
--- a/wpa_supplicant/sme.c
+++ b/wpa_supplicant/sme.c
@@ -2038,6 +2038,30 @@ void sme_event_auth(struct wpa_supplicant *wpa_s, union wpa_event_data *data)
 				   data->auth.ies_len, 0, data->auth.peer,
 				   &ie_offset);
 		if (res < 0) {
+			/*
+			 * Based on the 'auth confirm' process, this is a confirmation message
+			 * indicating that it has successfully received and verified the key
+			 * from the router, and has acknowledged the connection. Thus, if a
+			 * failure occurs at this step, the most probable cause is an error
+			 * related to the key. Correspondingly, in the case of handling SME
+			 * in wpa_supplicant, a similar way to internally trigger an association
+			 * reject event is used. We do this through calling sme_event_assoc_reject
+			 * to trigger upper layer processing with the WRONG_PASSWORD event
+			 */
+			if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME
+					&& data->auth.auth_transaction == 2) {
+				union wpa_event_data event;
+
+				os_memset(&event, 0, sizeof(event));
+				event.assoc_reject.bssid = wpa_s->pending_bssid;
+				event.assoc_reject.status_code = WLAN_STATUS_UNSPECIFIED_FAILURE;
+				wpa_s->assoc_status_code = event.assoc_reject.status_code;
+				wpas_notify_assoc_status_code(wpa_s);
+				wpa_dbg(wpa_s, MSG_DEBUG,
+					 "SME: SAE Authentication failure，indicate assoc reject");
+				sme_event_assoc_reject(wpa_s, &event);
+
+				return;
+			}
 			wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
 			wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
 
-- 
2.18.0


_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap







