From d8a085508cedd7d9158b19219b59eef236020c67 Mon Sep 17 00:00:00 2001
From: Avinash Patil <avinashapatil@gmail.com>
Date: Fri, 17 Aug 2012 19:21:40 +0300
Subject: [PATCH] hostapd: Disable WPS 2.0 when WPA-TKIP only configuration is
 set

WSC 2.0 deprecates use of WPA (TKIP) and does not allow WPA/TKIP only
configuration (i.e., WPA2/CCMP needs to be enabled in mixed mode for
WPA/TKIP to be acceptable). Enforce this by disabling WPS if
configuration enables WPA/TKIP without WPA2/CCMP.

Signed-off-by: Avinash Patil <patila@marvell.com>
---
 hostapd/config_file.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/hostapd/config_file.c b/hostapd/config_file.c
index b8bf404ce..a45fd2907 100644
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -1216,6 +1216,14 @@ static int hostapd_config_check_bss(struct hostapd_bss_config *bss,
 			   "disabled");
 		bss->wps_state = 0;
 	}
+
+	if (bss->wps_state && bss->wpa &&
+	    (!(bss->wpa & 2) ||
+	     !(bss->rsn_pairwise & WPA_CIPHER_CCMP))) {
+		wpa_printf(MSG_INFO, "WPS: WPA/TKIP configuration without "
+			   "WPA2/CCMP forced WPS to be disabled");
+		bss->wps_state = 0;
+	}
 #endif /* CONFIG_WPS2 */
 
 	return 0;