On 2018/01/18 05:52, Masashi Honma wrote:
> On 2018/01/18 02:06, Beniamino Galvani wrote:
>> Commit 87ec5e90fe79 ("supplicant: set key_mgmt independent of pmf
>> value") enabled WPA-PSK-SHA256 or WPA-EAP-SHA256 even when the
>> supplicant didn't support them, potentially causing connection
>> failures. Instead, use the 'pmf' capability to detect when they can
>> be enabled.
>>
>> Fixes: 87ec5e90fe79fcb2ac315cf1604e757dcab60bb9
>> ---
>>
>> Hi,
>>
>> this patch fixes regressions discovered after the merge of FILS
>> patches by our nightly CI that runs on CentOS where wpa_supplicant is
>> compiled without 802.11w support.
>>
>> This patch fixes those regression. Comments welcome.
> Hi,
>
> I am sorry for regression...
>
> Though indeed using pmf capability works, I think using key_mgmt
> capability is better. I will try this at this week end.
By watching wpa_supplicant code, the pmf capability exists if and
only if WPA-PSK-SHA256 and WPA-EAP-SHA256 exists. So your patch
looks nice to me. Thanks !
Masashi Honma.
_______________________________________________
networkmanager-list mailing list
networkmanager-list@gnome.org
https://mail.gnome.org/mailman/listinfo/networkmanager-list
