jeltz/hostap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

mesh: Allow group management cipher to be configured

Browse source 
This allows BIP-GMAC-128, BIP-GMAC-256, or BIP-CMAC-256 to be used
instead of the previously hardcoded AES-128-CMAC as the group management
cipher when using mesh with PMF. For now, this can be configured by
setting a single group_mgmt value in the network block and doing that
consistently through all the STAs in the mesh.

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2019-12-25 23:43:35 +02:00
parent 65d0b67c22
commit 9b391715cb
1 changed files with 8 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
wpa_supplicant/mesh.c
View file

@ -114,8 +114,14 @@ static struct mesh_conf * mesh_config_create(struct wpa_supplicant *wpa_s,
} }
conf->group_cipher = cipher; conf->group_cipher = cipher;
if (conf->ieee80211w != NO_MGMT_FRAME_PROTECTION) if (conf->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
if (ssid->group_mgmt_cipher == WPA_CIPHER_BIP_GMAC_128 ||
ssid->group_mgmt_cipher == WPA_CIPHER_BIP_GMAC_256 ||
ssid->group_mgmt_cipher == WPA_CIPHER_BIP_CMAC_256)
conf->mgmt_group_cipher = ssid->group_mgmt_cipher;
else
conf->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC; conf->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
}
/* defaults */ /* defaults */
conf->mesh_pp_id = MESH_PATH_PROTOCOL_HWMP; conf->mesh_pp_id = MESH_PATH_PROTOCOL_HWMP;