jeltz/hostap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

mesh: Select pairwise and group cipher based on network profile

Browse source 
This allows the previously hardcoded CCMP cipher to be replaced in the
network profile for mesh.

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2016-06-18 22:21:33 +03:00
parent 3b6deac0e7
commit a151b0e37d
1 changed files with 19 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
wpa_supplicant/mesh.c
View file

@ -70,6 +70,7 @@ static struct mesh_conf * mesh_config_create(struct wpa_supplicant *wpa_s,
struct wpa_ssid *ssid) struct wpa_ssid *ssid)
{ {
struct mesh_conf *conf; struct mesh_conf *conf;
int cipher;
conf = os_zalloc(sizeof(struct mesh_conf)); conf = os_zalloc(sizeof(struct mesh_conf));
if (!conf) if (!conf)
@ -90,8 +91,24 @@ static struct mesh_conf * mesh_config_create(struct wpa_supplicant *wpa_s,
else else
conf->ieee80211w = NO_MGMT_FRAME_PROTECTION; conf->ieee80211w = NO_MGMT_FRAME_PROTECTION;
} }
conf->pairwise_cipher = WPA_CIPHER_CCMP;
conf->group_cipher = WPA_CIPHER_CCMP; cipher = wpa_pick_pairwise_cipher(ssid->pairwise_cipher, 0);
if (cipher < 0 || cipher == WPA_CIPHER_TKIP) {
wpa_msg(wpa_s, MSG_INFO, "mesh: Invalid pairwise cipher");
os_free(conf);
return NULL;
}
conf->pairwise_cipher = cipher;
cipher = wpa_pick_group_cipher(ssid->group_cipher);
if (cipher < 0 || cipher == WPA_CIPHER_TKIP ||
cipher == WPA_CIPHER_GTK_NOT_USED) {
wpa_msg(wpa_s, MSG_INFO, "mesh: Invalid group cipher");
os_free(conf);
return NULL;
}
conf->group_cipher = cipher;
if (conf->ieee80211w != NO_MGMT_FRAME_PROTECTION) if (conf->ieee80211w != NO_MGMT_FRAME_PROTECTION)
conf->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC; conf->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;