[PATCH 07/13] SME: Add support for handling authentication with MLD
Otcheretianski, Andrei
andrei.otcheretianski at intel.com
Mon Nov 28 09:29:24 PST 2022
> > @@ -1785,6 +1972,10 @@ void sme_event_auth(struct wpa_supplicant
> *wpa_s, union wpa_event_data *data)
> > }
> > #endif /* CONFIG_FILS */
> >
> > + /* TODO: Support for other auth_type as well */
> > + if (data->auth.auth_type == WLAN_AUTH_OPEN)
> > + wpas_sme_ml_auth(wpa_s, data);
>
> This sounds quite problematic since IEEE P802.11be/D2.2 seems to imply that
> MLO require RSN to be used and that would most likely mean SAE for cases
> that do not use EAP or OWE.
>
WLAN_AUTH_OPEN holds for OWE as well. This "if" statement is needed to prevent
going into wpas_sme_ml_auth() for other auth types as it doesn't know to properly
skip over all the fixed parts in auth frame body (for SAE for example), as defined in
table 9-68 (in REVme_D1.3).
We have a patch that adds support for SAE, I didn't send it out meanwhile as it conflicts
with the PMKSA patch from Veerendranath series.
In any case I don't see where D2.2 states that open is not allowed.
See for example, 11.3.5.3:
" If Open System or Shared Key authentication algorithm is being used, the STA or the *MLD*
shall execute the procedure described in 12.3.3.2 (Open System authentication) [...]"
> What is the set of key management options this patch set is expected to
> support? I'd like to start with SAE and OWE and not allow OPEN to match the
> P802.11be expectations.
We tested it internally with open, psk and owe.
I'll send our SAE patch as well in the next series.
Thanks,
Andrei
>
> --
> Jouni Malinen PGP id EFC895FA
More information about the Hostap
mailing list