Do not allow UOSC if received server certificate has TOD-STRICT policy
This handles the initial configuration from UOSC case where TOD-STRICT
does not allow this while TOD-TOFU does.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
diff --git a/sta.c b/sta.c
index bcf9f45..75fcad0 100644
--- a/sta.c
+++ b/sta.c
@@ -3300,6 +3300,8 @@
if (ssid == NULL)
return -1;
+ dut->server_cert_tod = 0;
+
if (dut->rsne_override) {
#ifdef NL80211_SUPPORT
if (get_driver_type() == DRIVER_WCN) {
@@ -3443,6 +3445,7 @@
sigma_dut_print(dut, DUT_MSG_DEBUG,
"Server certificate TOD policy: %d",
tod);
+ dut->server_cert_tod = tod;
pos += 6;
end = strchr(pos, ' ');
@@ -7708,6 +7711,7 @@
dut->sta_associate_wait_connect = 0;
dut->server_cert_hash[0] = '\0';
+ dut->server_cert_tod = 0;
dut->sta_tod_policy = 0;
dut->dpp_conf_id = -1;