jeltz/hostap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

WPS: Disable WPS(v2) in WPA/TKIP-only configuration

Browse source 
When using wpa_supplicant AP mode, WPS support is enabled by default for
WPA/WPA2-Personal. Change this to enforce the WPS2 rules on not allowing
WPS to be used with WPA/TKIP-only configuration (i.e., at minimum, mixed
mode with WPA/TKIP and WPA2/CCMP has to be used for WPS to be enabled).

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
Jouni Malinen 2011-12-01 21:46:19 +02:00 committed by Jouni Malinen
parent 56d24b4ee0
commit c0f83f3104
1 changed files with 6 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
wpa_supplicant/ap.c
View file

@ -237,6 +237,12 @@ static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s,
if (bss->ssid.security_policy != SECURITY_WPA_PSK && if (bss->ssid.security_policy != SECURITY_WPA_PSK &&
bss->ssid.security_policy != SECURITY_PLAINTEXT) bss->ssid.security_policy != SECURITY_PLAINTEXT)
goto no_wps; goto no_wps;
#ifdef CONFIG_WPS2
if (bss->ssid.security_policy == SECURITY_WPA_PSK &&
(!(pairwise & WPA_CIPHER_CCMP) || !(bss->wpa & 2)))
goto no_wps; /* WPS2 does not allow WPA/TKIP-only
* configuration */
#endif /* CONFIG_WPS2 */
bss->eap_server = 1; bss->eap_server = 1;
bss->wps_state = 2; bss->wps_state = 2;
bss->ap_setup_locked = 2; bss->ap_setup_locked = 2;