Revert "[WPA2-Enterprise] Avoid disabling PMF, allow using global value (capable)"
This reverts commit cffde1c721e11a486d5191fe35430d642759881e.
Reason for revert: With 5974d201189471be732f701ef33f10acc026084e, supplicant will takes care of enabling pmf if AP is PMF capable or PMF required.
Bug: 131267738, 140372352
Test: Regression test
Change-Id: I1362328b5fa55bc80cf7a6543b1d5d952deb0f65
Merged-In: I1362328b5fa55bc80cf7a6543b1d5d952deb0f65
diff --git a/service/java/com/android/server/wifi/SupplicantStaNetworkHal.java b/service/java/com/android/server/wifi/SupplicantStaNetworkHal.java
index 9255fc2..dd56b5f 100644
--- a/service/java/com/android/server/wifi/SupplicantStaNetworkHal.java
+++ b/service/java/com/android/server/wifi/SupplicantStaNetworkHal.java
@@ -339,19 +339,11 @@
Log.e(TAG, config.SSID + ": failed to set hiddenSSID: " + config.hiddenSSID);
return false;
}
- // The logic below is skipping WPA2-Enterprise explicit setting of PMF to disabled
- // in order to allow connection to networks with PMF required. Skipping means that
- // wpa_supplicant will use the global setting (optional/capable).
- // TODO(b/130755779): A permanent fix should convert requirePMF to a tri-state variablbe
- boolean wpa2EnterpriseSkipPmf = !config.requirePMF
- && (config.allowedKeyManagement.get(WifiConfiguration.KeyMgmt.WPA_EAP)
- || config.allowedKeyManagement.get(WifiConfiguration.KeyMgmt.IEEE8021X));
+
/** RequirePMF */
- if (!wpa2EnterpriseSkipPmf) {
- if (!setRequirePmf(config.requirePMF)) {
- Log.e(TAG, config.SSID + ": failed to set requirePMF: " + config.requirePMF);
- return false;
- }
+ if (!setRequirePmf(config.requirePMF)) {
+ Log.e(TAG, config.SSID + ": failed to set requirePMF: " + config.requirePMF);
+ return false;
}
/** Key Management Scheme */
if (config.allowedKeyManagement.cardinality() != 0) {
