[PATCH 07/13] SME: Add support for handling authentication with MLD

Otcheretianski, Andrei andrei.otcheretianski at intel.com
Mon Nov 28 09:29:24 PST 2022

> > @@ -1785,6 +1972,10 @@ void sme_event_auth(struct wpa_supplicant
> *wpa_s, union wpa_event_data *data)
> >  	}
> >  #endif /* CONFIG_FILS */
> >
> > +	/* TODO: Support for other auth_type as well */
> > +	if (data->auth.auth_type == WLAN_AUTH_OPEN)
> > +		wpas_sme_ml_auth(wpa_s, data);
> This sounds quite problematic since IEEE P802.11be/D2.2 seems to imply that
> MLO require RSN to be used and that would most likely mean SAE for cases
> that do not use EAP or OWE.
WLAN_AUTH_OPEN holds for OWE as well. This "if" statement is needed to prevent
going into wpas_sme_ml_auth() for other auth types as it doesn't know to properly
skip over all the fixed parts in auth frame body (for SAE for example), as defined in
table 9-68 (in REVme_D1.3).
We have a patch that adds support for SAE, I didn't send it out meanwhile as it conflicts
with the PMKSA patch from Veerendranath series.
In any case I don't see where D2.2 states that open is not allowed.
See for example,
" If Open System or Shared Key authentication algorithm is being used, the STA or the *MLD*
shall execute the procedure described in (Open System authentication) [...]"

> What is the set of key management options this patch set is expected to
> support? I'd like to start with SAE and OWE and not allow OPEN to match the
> P802.11be expectations.

We tested it internally with open, psk and owe.
I'll send our SAE patch as well in the next series.

> --
> Jouni Malinen                                            PGP id EFC895FA

More information about the Hostap mailing list