[PATCH] SME: Omit RSNXE for WPA2 connections
Arowa Suliman
arowa at chromium.org
Fri Feb 27 15:27:27 PST 2026
The Robust Security Network eXtended Element (RSNXE) is specific to
WPA3.
Including it in WPA2 handshakes causes authentication failures with some
Access Points, as they do not handle its presence correctly in a WPA2
context.
Known impacted routers: TP-Link EAP320 and TP-Link Archer VR400 and
Test: Connect to WPA2-PSK network with TP-Link EAP320 router
Signed-off-by: Arowa Suliman <arowa at chromium.org>
---
wpa_supplicant/sme.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/wpa_supplicant/sme.c b/wpa_supplicant/sme.c
index a14ff784c..0843c43c8 100644
--- a/wpa_supplicant/sme.c
+++ b/wpa_supplicant/sme.c
@@ -1049,6 +1049,11 @@ static void sme_send_authentication(struct wpa_supplicant *wpa_s,
}
}
+ // Omit RSNXE for WPA2 connections.
+ if (wpa_key_mgmt_wpa_psk_no_sae(ssid->key_mgmt)) {
+ omit_rsnxe = 1;
+ }
+
#ifdef CONFIG_IEEE80211R
ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
--
2.53.0.473.g4a7958ca14-goog
More information about the Hostap
mailing list