From 0d5d05f2a6a6895aa2b1ffeda34489552468327b Mon Sep 17 00:00:00 2001 From: Ariel D'Alessandro Date: Wed, 14 Sep 2022 15:46:10 -0300 Subject: wifi: Handle invalid-key case on WPA-SAE authentication failure On WPA3-SAE authentication, wpa_supplicant goes directly from authenticating to disconnected state if the key was invalid. The above is currently not handled and the `connect-failed` error is reported on such cases. In order to make the client agent prompt for a new password, we need to handle this transition and report the `invalid-key` error. --- plugins/wifi.c | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/plugins/wifi.c b/plugins/wifi.c index 2a933708..ed7437f5 100644 --- a/plugins/wifi.c +++ b/plugins/wifi.c @@ -2528,6 +2528,25 @@ static bool handle_4way_handshake_failure(GSupplicantInterface *interface, return false; } +static bool handle_sae_authentication_failure(struct connman_network *network, + struct wifi_data *wifi) +{ + struct wifi_network *network_data = connman_network_get_data(network); + + if (!(network_data->keymgmt & G_SUPPLICANT_KEYMGMT_SAE)) + return false; + + if (wifi->state != G_SUPPLICANT_STATE_AUTHENTICATING) + return false; + + if (wifi->connected) + return false; + + connman_network_set_error(network, CONNMAN_NETWORK_ERROR_INVALID_KEY); + + return true; +} + static void interface_state(GSupplicantInterface *interface) { struct connman_network *network; @@ -2625,6 +2644,13 @@ static void interface_state(GSupplicantInterface *interface) network, wifi)) break; + /* + * On WPA3-SAE authentication, wpa_supplicant goes directly from + * authenticating to disconnected state if the key was invalid. + */ + if (handle_sae_authentication_failure(network, wifi)) + break; + /* See table 8-36 Reason codes in IEEE Std 802.11 */ switch (wifi->disconnect_code) { case 6: /* Class 2 frame received from nonauthenticated STA */ -- cgit v1.2.1