From patchwork Thu Apr 7 11:49:43 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nicolas Escande X-Patchwork-Id: 1614464 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: bilbo.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=cXwNCejZ; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20210112 header.b=cc81ldn9; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by bilbo.ozlabs.org (Postfix) with ESMTPS id 4KZ08f2rGkz9sGZ for ; Thu, 7 Apr 2022 21:51:30 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:Message-Id:Date:Subject:Cc :To:From:Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References: List-Owner; bh=U4fGE274jQ4yHr5NcQ95KG26Gqt29tSiRFR8SJXcJBw=; b=cXwNCejZpnCCB3 T0OwboOJFpKI167SRNNLgXjCWzB6h7pKFWuWj3PIHU+3ZPgdhjE9L9u+5seQndLnmTYStsfdMpCYS DFeb4KqD4mx9PJntFaWRjmhe14lABbFq/r2R02dPTsIb8UAfGqMO8+8pgXMUKQA0qB9Cq/iO5hZt0 8n9jInt9vRASwINXbIidvKTgsTuGmBVGJbobWAkU9Cr3dU4gd73egthzUjWSBczC3g+q7Egf9c3qx YSKH+L61t0X+U0byhfaMIHfWOVy6h0f3dt5PAGOVy/PBrL+kunSSLejtlTV7sTz4CjBsT/qMQfRf5 T4zR//LRtD1zVQe9M60Q==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1ncQeV-00BeNZ-W4; Thu, 07 Apr 2022 11:50:16 +0000 Received: from mail-wr1-x429.google.com ([2a00:1450:4864:20::429]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1ncQeO-00BeJr-JV for hostap@lists.infradead.org; Thu, 07 Apr 2022 11:50:10 +0000 Received: by mail-wr1-x429.google.com with SMTP id w21so7499756wra.2 for ; Thu, 07 Apr 2022 04:50:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=YR7lsNZ6+sCHbXtkLwUtZ9aDq4gR9ytoChTeslviWxY=; b=cc81ldn90nmD7KDzybrxosiIeQgZfWgOqUAac5trVv14mMXKB5CWcd7R9/Sme8Q+Z6 JcC/tG30AQBdVLM1I5iTqO/2sr164IsTgt8rZb81tdYQMj1HZolq7rvk+yyBhZhbX5ia 4cNdNznKR/grFeaON0J/Y1qswhrz0pRUki/Oz7ssXK7Jk+xUFu+W8aWVCRx+ESS1is0C DRCryhcjy/sscusFZlR85ONAgDIFG9ETkRYaYZlUylqrsiCuqf8qnAgNan/3Mbd6XWOK fh/CAB4Pxghr0JNUIiredWJYo3GukM67bEOVnVQerxYBn9qAWeeI5t67ijAlOv+txRwO csog== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=YR7lsNZ6+sCHbXtkLwUtZ9aDq4gR9ytoChTeslviWxY=; b=A5/lj4TML2ZMp4W646tI/o0WvY9AoGoARMBLRlVWaA4PBNNRPYehw7x4Tj2mY10qot 8e1E5czCMrwazQ4xYUs3PEl4ftWtIKXkBEde77oW9fTwxTHSY2/1/hoQywG49EUYH7g7 ITlrd3a/xvB9IFzWd6pgYr5D3coiwesGuHtWMgkU2Y8hoGCQVzL3CIpCztP4DQWWQzQX lVhLTUlFCyF/7KJoa2PjOwo4GRB7M+xZ7srIA5A065HyFk+ETbJkLXhB+GRP60l3onk8 WmZbyFWAn+P/ZDlnWOv8AoHYKTWQ6/zMPTYR87EYD1hUF9rzyXs0+F8Ax8/GX94iWQJf XA1A== X-Gm-Message-State: AOAM532sOxXJRE3b16KoNkz4lSLqLUZBS6qavj012s29tGfuKYKQ8UFn yXy6XY4XsAT1Fqo2mAz27EADxa0W18I= X-Google-Smtp-Source: ABdhPJzJyx1kbkRJtA1rWv+jkkyUseFgLFg8R5zVmjF53Bm+TBudMEvV6w9Xd+/EkFEkFFZItY3IKw== X-Received: by 2002:a05:6000:1104:b0:1f9:7df6:c864 with SMTP id z4-20020a056000110400b001f97df6c864mr10319133wrw.63.1649332204910; Thu, 07 Apr 2022 04:50:04 -0700 (PDT) Received: from syracuse.iliad.local (freebox.vlq16.iliad.fr. [213.36.7.13]) by smtp.gmail.com with ESMTPSA id c11-20020a05600c0a4b00b0037c91e085ddsm9210067wmq.40.2022.04.07.04.50.04 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 07 Apr 2022 04:50:04 -0700 (PDT) From: Nicolas Escande To: hostap@lists.infradead.org Cc: Nicolas Escande Subject: [PATCH] AP: SAE on 6GHz requires H2E enabled in config Date: Thu, 7 Apr 2022 13:49:43 +0200 Message-Id: <20220407114943.2665222-1-nico.escande@gmail.com> X-Mailer: git-send-email 2.35.1 MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20220407_045008_674897_B3DE0345 X-CRM114-Status: UNSURE ( 8.58 ) X-CRM114-Notice: Please train this message. X-Spam-Score: -0.2 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Signed-off-by: Nicolas Escande --- src/ap/ap_config.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/src/ap/ap_config.c b/src/ap/ap_config.c index 051b843e9..d2b8dd244 100644 --- a/src/ap/ap_config.c +++ b/src/ap/ap_config.c @@ -1187,6 +1187,13 @@ static bool hostapd_config_check_bss_6g( [...] Content analysis details: (-0.2 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2a00:1450:4864:20:0:0:0:429 listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider [nico.escande[at]gmail.com] -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Signed-off-by: Nicolas Escande --- src/ap/ap_config.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/src/ap/ap_config.c b/src/ap/ap_config.c index 051b843e9..d2b8dd244 100644 --- a/src/ap/ap_config.c +++ b/src/ap/ap_config.c @@ -1187,6 +1187,13 @@ static bool hostapd_config_check_bss_6g(struct hostapd_bss_config *bss) return false; } +#ifdef CONFIG_SAE + if ((bss->wpa_key_mgmt & WPA_KEY_MGMT_SAE) && !bss->sae_pwe) { + wpa_printf(MSG_ERROR, "SAE with H2E is mandatory on 6 GHz"); + return false; + } +#endif + if (bss->rsn_pairwise & (WPA_CIPHER_WEP40 | WPA_CIPHER_WEP104 | WPA_CIPHER_TKIP)) {