[WPA3] Fix WPA3-Personal transition mode
Fix WPA3-Personal in transition mode issues. Current
solution will create an upgraded WPA3 connection if
there is a WPA2 saved network and AP is in transition
mode.
Bug: 143843364
Test: Manual tests
Test: atest com.android.server.wifi
Change-Id: Idadbd1d155ddd617e61063e64e186abec478f5ff
Merged-In: I53b278e846828198fb1953b075d86e16fac6d795
diff --git a/packages/SettingsLib/src/com/android/settingslib/wifi/AccessPoint.java b/packages/SettingsLib/src/com/android/settingslib/wifi/AccessPoint.java
index 6b1ceae..bf31f81 100644
--- a/packages/SettingsLib/src/com/android/settingslib/wifi/AccessPoint.java
+++ b/packages/SettingsLib/src/com/android/settingslib/wifi/AccessPoint.java
@@ -718,20 +718,7 @@
|| (mConfig != null && mConfig.shared != config.shared)) {
return false;
}
-
- final int configSecurity = getSecurity(config);
- final WifiManager wifiManager = getWifiManager();
- switch (security) {
- case SECURITY_PSK_SAE_TRANSITION:
- return configSecurity == SECURITY_PSK
- || (wifiManager.isWpa3SaeSupported() && configSecurity == SECURITY_SAE);
- case SECURITY_OWE_TRANSITION:
- return configSecurity == SECURITY_NONE
- || (wifiManager.isEnhancedOpenSupported()
- && configSecurity == SECURITY_OWE);
- default:
- return security == configSecurity;
- }
+ return security == getSecurity(config);
}
public WifiConfiguration getConfig() {
@@ -1270,34 +1257,10 @@
mAccessPointListener = listener;
}
- private static final String sPskSuffix = "," + String.valueOf(SECURITY_PSK);
- private static final String sSaeSuffix = "," + String.valueOf(SECURITY_SAE);
- private static final String sPskSaeSuffix = "," + String.valueOf(SECURITY_PSK_SAE_TRANSITION);
- private static final String sOweSuffix = "," + String.valueOf(SECURITY_OWE);
- private static final String sOpenSuffix = "," + String.valueOf(SECURITY_NONE);
- private static final String sOweTransSuffix = "," + String.valueOf(SECURITY_OWE_TRANSITION);
-
private boolean isKeyEqual(String compareTo) {
if (mKey == null) {
return false;
}
-
- if (compareTo.endsWith(sPskSuffix) || compareTo.endsWith(sSaeSuffix)) {
- if (mKey.endsWith(sPskSaeSuffix)) {
- // Special handling for PSK-SAE transition mode. If the AP has advertised both,
- // we compare the key with both PSK and SAE for a match.
- return TextUtils.equals(mKey.substring(0, mKey.lastIndexOf(',')),
- compareTo.substring(0, compareTo.lastIndexOf(',')));
- }
- }
- if (compareTo.endsWith(sOpenSuffix) || compareTo.endsWith(sOweSuffix)) {
- if (mKey.endsWith(sOweTransSuffix)) {
- // Special handling for OWE/Open networks. If AP advertises OWE in transition mode
- // and we have an Open network saved, allow this connection to be established.
- return TextUtils.equals(mKey.substring(0, mKey.lastIndexOf(',')),
- compareTo.substring(0, compareTo.lastIndexOf(',')));
- }
- }
return mKey.equals(compareTo);
}
@@ -1628,8 +1591,6 @@
private static int getSecurity(ScanResult result) {
if (result.capabilities.contains("WEP")) {
return SECURITY_WEP;
- } else if (result.capabilities.contains("PSK+SAE")) {
- return SECURITY_PSK_SAE_TRANSITION;
} else if (result.capabilities.contains("SAE")) {
return SECURITY_SAE;
} else if (result.capabilities.contains("PSK")) {
@@ -1638,8 +1599,6 @@
return SECURITY_EAP_SUITE_B;
} else if (result.capabilities.contains("EAP")) {
return SECURITY_EAP;
- } else if (result.capabilities.contains("OWE_TRANSITION")) {
- return SECURITY_OWE_TRANSITION;
} else if (result.capabilities.contains("OWE")) {
return SECURITY_OWE;
}
@@ -1686,10 +1645,6 @@
return "SUITE_B";
} else if (security == SECURITY_OWE) {
return "OWE";
- } else if (security == SECURITY_PSK_SAE_TRANSITION) {
- return "PSK+SAE";
- } else if (security == SECURITY_OWE_TRANSITION) {
- return "OWE_TRANSITION";
}
return "NONE";
}
@@ -1859,4 +1814,16 @@
}
}
}
+
+ /**
+ * Lets the caller know if the network was cloned from another network
+ *
+ * @return true if the network is cloned
+ */
+ public boolean isCloned() {
+ if (mConfig == null) {
+ return false;
+ }
+ return mConfig.clonedNetworkConfigKey != null;
+ }
}
diff --git a/wifi/java/android/net/wifi/WifiConfiguration.java b/wifi/java/android/net/wifi/WifiConfiguration.java
index ed41642..822eee3 100644
--- a/wifi/java/android/net/wifi/WifiConfiguration.java
+++ b/wifi/java/android/net/wifi/WifiConfiguration.java
@@ -382,12 +382,7 @@
public void setSecurityParams(@SecurityType int securityType) {
// Clear all the bitsets.
allowedKeyManagement.clear();
- allowedProtocols.clear();
allowedAuthAlgorithms.clear();
- allowedPairwiseCiphers.clear();
- allowedGroupCiphers.clear();
- allowedGroupManagementCiphers.clear();
- allowedSuiteBCiphers.clear();
switch (securityType) {
case SECURITY_TYPE_OPEN:
@@ -410,6 +405,9 @@
requirePMF = true;
break;
case SECURITY_TYPE_EAP_SUITE_B:
+ allowedGroupCiphers.clear();
+ allowedGroupManagementCiphers.clear();
+ allowedSuiteBCiphers.clear();
allowedKeyManagement.set(WifiConfiguration.KeyMgmt.SUITE_B_192);
allowedGroupCiphers.set(WifiConfiguration.GroupCipher.GCMP_256);
allowedGroupManagementCiphers.set(WifiConfiguration.GroupMgmtCipher.BIP_GMAC_256);
@@ -923,6 +921,12 @@
public int meteredOverride = METERED_OVERRIDE_NONE;
/**
+ * This Wifi configuration is a clone of another network with lower security
+ * @hide
+ */
+ public String clonedNetworkConfigKey;
+
+ /**
* Blend together all the various opinions to decide if the given network
* should be considered metered or not.
*
@@ -1793,6 +1797,7 @@
shared = true;
dtimInterval = 0;
mRandomizedMacAddress = MacAddress.fromString(WifiInfo.DEFAULT_MAC_ADDRESS);
+ clonedNetworkConfigKey = null;
}
/**
@@ -2352,6 +2357,7 @@
/** copy constructor {@hide} */
@UnsupportedAppUsage
+
public WifiConfiguration(WifiConfiguration source) {
if (source != null) {
networkId = source.networkId;
@@ -2431,6 +2437,7 @@
macRandomizationSetting = source.macRandomizationSetting;
requirePMF = source.requirePMF;
updateIdentifier = source.updateIdentifier;
+ clonedNetworkConfigKey = source.clonedNetworkConfigKey;
}
}
@@ -2502,6 +2509,7 @@
dest.writeParcelable(mRandomizedMacAddress, flags);
dest.writeInt(macRandomizationSetting);
dest.writeInt(osu ? 1 : 0);
+ dest.writeString(clonedNetworkConfigKey);
}
/** Implement the Parcelable interface {@hide} */
@@ -2575,6 +2583,8 @@
config.mRandomizedMacAddress = in.readParcelable(null);
config.macRandomizationSetting = in.readInt();
config.osu = in.readInt() != 0;
+ config.clonedNetworkConfigKey = in.readString();
+
return config;
}