Regarding status code in initial SAE confirm message
James Prestwood
prestwoj at gmail.com
Wed Sep 8 12:27:48 PDT 2021
Hi,
On Wed, 2021-09-08 at 19:08 +0000, RAGHAVENDRA SADARAMACHANDRA
(rsadaram) wrote:
> Any info on below query?
>
> On 9/3/21, 11:13 PM, "RAGHAVENDRA SADARAMACHANDRA (rsadaram)"
> <rsadaram at cisco.com> wrote:
>
> Hi All,
>
> What's the importance/use of status code in initial confirm
> message from the client. Do we need to check for status code ==
> success in confirm message from the client.
>
> Spec does not talk about status code in initial confirm message.
I don't think the spec cares about "initial confirm" vs any other
confirm. Its just a confirm message.
> It mentions: An SAE Confirm message, with a status code not equal to
> SUCCESS, shall indicate that a peer rejects a previously sent SAE
> Confirm message. An SAE Confirm message that was not successfully
> verified is indicated with a status code of CHALLENGE_FAILURE.
How does that not describe the intended behavior? If hostapd receives a
confirm with non-success status code it treats that as the peer
rejecting. Seems reasonable to me.
>
>
> } else if (auth_transaction == 2) {
> hostapd_logger(hapd, sta->addr,
> HOSTAPD_MODULE_IEEE80211,
> HOSTAPD_LEVEL_DEBUG,
> "SAE authentication (RX confirm,
> status=%u (%s))",
> status_code,
> status2str(status_code));
> if (status_code != WLAN_STATUS_SUCCESS)
> goto remove_sta;
>
>
> -Raghu
>
>
> _______________________________________________
> Hostap mailing list
> Hostap at lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/hostap
More information about the Hostap
mailing list