[WPA3] Fix WPA3-Personal transition mode
Fix WPA3-Personal in transition mode issues. Current
solution will create an upgraded WPA3 connection if
there is a WPA2 saved network and AP is in transition
mode.
Bug: 143843364
Test: Manual tests
Test: atest com.android.server.wifi
Change-Id: I53b278e846828198fb1953b075d86e16fac6d795
diff --git a/packages/SettingsLib/src/com/android/settingslib/wifi/AccessPoint.java b/packages/SettingsLib/src/com/android/settingslib/wifi/AccessPoint.java
index ab274b5..9518f5c 100644
--- a/packages/SettingsLib/src/com/android/settingslib/wifi/AccessPoint.java
+++ b/packages/SettingsLib/src/com/android/settingslib/wifi/AccessPoint.java
@@ -748,20 +748,7 @@
|| (mConfig != null && mConfig.shared != config.shared)) {
return false;
}
-
- final int configSecurity = getSecurity(config);
- final WifiManager wifiManager = getWifiManager();
- switch (security) {
- case SECURITY_PSK_SAE_TRANSITION:
- return configSecurity == SECURITY_PSK
- || (wifiManager.isWpa3SaeSupported() && configSecurity == SECURITY_SAE);
- case SECURITY_OWE_TRANSITION:
- return configSecurity == SECURITY_NONE
- || (wifiManager.isEnhancedOpenSupported()
- && configSecurity == SECURITY_OWE);
- default:
- return security == configSecurity;
- }
+ return security == getSecurity(config);
}
public WifiConfiguration getConfig() {
@@ -1334,34 +1321,10 @@
mAccessPointListener = listener;
}
- private static final String sPskSuffix = "," + String.valueOf(SECURITY_PSK);
- private static final String sSaeSuffix = "," + String.valueOf(SECURITY_SAE);
- private static final String sPskSaeSuffix = "," + String.valueOf(SECURITY_PSK_SAE_TRANSITION);
- private static final String sOweSuffix = "," + String.valueOf(SECURITY_OWE);
- private static final String sOpenSuffix = "," + String.valueOf(SECURITY_NONE);
- private static final String sOweTransSuffix = "," + String.valueOf(SECURITY_OWE_TRANSITION);
-
private boolean isKeyEqual(String compareTo) {
if (mKey == null) {
return false;
}
-
- if (compareTo.endsWith(sPskSuffix) || compareTo.endsWith(sSaeSuffix)) {
- if (mKey.endsWith(sPskSaeSuffix)) {
- // Special handling for PSK-SAE transition mode. If the AP has advertised both,
- // we compare the key with both PSK and SAE for a match.
- return TextUtils.equals(mKey.substring(0, mKey.lastIndexOf(',')),
- compareTo.substring(0, compareTo.lastIndexOf(',')));
- }
- }
- if (compareTo.endsWith(sOpenSuffix) || compareTo.endsWith(sOweSuffix)) {
- if (mKey.endsWith(sOweTransSuffix)) {
- // Special handling for OWE/Open networks. If AP advertises OWE in transition mode
- // and we have an Open network saved, allow this connection to be established.
- return TextUtils.equals(mKey.substring(0, mKey.lastIndexOf(',')),
- compareTo.substring(0, compareTo.lastIndexOf(',')));
- }
- }
return mKey.equals(compareTo);
}
@@ -1698,8 +1661,6 @@
private static int getSecurity(ScanResult result) {
if (result.capabilities.contains("WEP")) {
return SECURITY_WEP;
- } else if (result.capabilities.contains("PSK+SAE")) {
- return SECURITY_PSK_SAE_TRANSITION;
} else if (result.capabilities.contains("SAE")) {
return SECURITY_SAE;
} else if (result.capabilities.contains("PSK")) {
@@ -1708,8 +1669,6 @@
return SECURITY_EAP_SUITE_B;
} else if (result.capabilities.contains("EAP")) {
return SECURITY_EAP;
- } else if (result.capabilities.contains("OWE_TRANSITION")) {
- return SECURITY_OWE_TRANSITION;
} else if (result.capabilities.contains("OWE")) {
return SECURITY_OWE;
}
@@ -1756,10 +1715,6 @@
return "SUITE_B";
} else if (security == SECURITY_OWE) {
return "OWE";
- } else if (security == SECURITY_PSK_SAE_TRANSITION) {
- return "PSK+SAE";
- } else if (security == SECURITY_OWE_TRANSITION) {
- return "OWE_TRANSITION";
}
return "NONE";
}
@@ -1937,4 +1892,16 @@
}
}
}
+
+ /**
+ * Lets the caller know if the network was cloned from another network
+ *
+ * @return true if the network is cloned
+ */
+ public boolean isCloned() {
+ if (mConfig == null) {
+ return false;
+ }
+ return mConfig.clonedNetworkConfigKey != null;
+ }
}
diff --git a/wifi/java/android/net/wifi/WifiConfiguration.java b/wifi/java/android/net/wifi/WifiConfiguration.java
index 90343d4..f7d2b40 100644
--- a/wifi/java/android/net/wifi/WifiConfiguration.java
+++ b/wifi/java/android/net/wifi/WifiConfiguration.java
@@ -384,12 +384,7 @@
public void setSecurityParams(@SecurityType int securityType) {
// Clear all the bitsets.
allowedKeyManagement.clear();
- allowedProtocols.clear();
allowedAuthAlgorithms.clear();
- allowedPairwiseCiphers.clear();
- allowedGroupCiphers.clear();
- allowedGroupManagementCiphers.clear();
- allowedSuiteBCiphers.clear();
switch (securityType) {
case SECURITY_TYPE_OPEN:
@@ -412,6 +407,9 @@
requirePMF = true;
break;
case SECURITY_TYPE_EAP_SUITE_B:
+ allowedGroupCiphers.clear();
+ allowedGroupManagementCiphers.clear();
+ allowedSuiteBCiphers.clear();
allowedKeyManagement.set(WifiConfiguration.KeyMgmt.SUITE_B_192);
allowedGroupCiphers.set(WifiConfiguration.GroupCipher.GCMP_256);
allowedGroupManagementCiphers.set(WifiConfiguration.GroupMgmtCipher.BIP_GMAC_256);
@@ -947,6 +945,12 @@
public int meteredOverride = METERED_OVERRIDE_NONE;
/**
+ * This Wifi configuration is a clone of another network with lower security
+ * @hide
+ */
+ public String clonedNetworkConfigKey;
+
+ /**
* Blend together all the various opinions to decide if the given network
* should be considered metered or not.
*
@@ -1804,6 +1808,7 @@
shared = true;
dtimInterval = 0;
mRandomizedMacAddress = MacAddress.fromString(WifiInfo.DEFAULT_MAC_ADDRESS);
+ clonedNetworkConfigKey = null;
}
/**
@@ -2371,6 +2376,7 @@
/** copy constructor {@hide} */
@UnsupportedAppUsage
+
public WifiConfiguration(WifiConfiguration source) {
if (source != null) {
networkId = source.networkId;
@@ -2454,6 +2460,7 @@
requirePMF = source.requirePMF;
updateIdentifier = source.updateIdentifier;
carrierId = source.carrierId;
+ clonedNetworkConfigKey = source.clonedNetworkConfigKey;
}
}
@@ -2529,6 +2536,7 @@
dest.writeInt(osu ? 1 : 0);
dest.writeLong(randomizedMacExpirationTimeMs);
dest.writeInt(carrierId);
+ dest.writeString(clonedNetworkConfigKey);
}
/** Implement the Parcelable interface {@hide} */
@@ -2606,6 +2614,7 @@
config.osu = in.readInt() != 0;
config.randomizedMacExpirationTimeMs = in.readLong();
config.carrierId = in.readInt();
+ config.clonedNetworkConfigKey = in.readString();
return config;
}