[PATCH] SME: Omit RSNXE for WPA2 connections
Jouni Malinen
j at w1.fi
Wed Mar 18 15:05:08 PDT 2026
On Tue, Mar 03, 2026 at 08:29:32PM +0000, Arowa Suliman wrote:
> The Robust Security Network eXtended Element (RSNXE) is specific to
> WPA3.
That is not strictly speaking accurate. As far as the IEEE 802.11
standard is concerned, the RSNXE can be used in all RSN cases and that
would include WPA2-Personal. That said, since the RSNXE was added after
WPA2 was launched, it does not feel very likely that APs that do not
support WPA3 would be capable of negotiating any features covered in the
RSNXE.
The hwsim test cases for SPP A-MSDU are actually an example of how the
proposed change could results in breaking something that used to work,
i.e., it does indeed break those test cases because the new negotiation
mechanism for SPP A-MSDU uses the RSNXE and the test cases were written
using WPA2-Personal. I changed them to use WPA3-Personal now, though, to
avoid issues.
> Including it in WPA2 handshakes causes authentication failures with some
> Access Points, as they do not handle its presence correctly in a WPA2
> context.
>
> Known impacted routers: TP-Link EAP320 and TP-Link Archer VR400 and
Was there supposed to be a third AP identified here? In any case, I did
apply the change with some cleanup.
--
Jouni Malinen PGP id EFC895FA
More information about the Hostap
mailing list