Reject association if HT STA tries to use TKIP as pairwise cipher
This commit is contained in:
parent
f130ba9b4a
commit
ff36ff00b8
3 changed files with 17 additions and 0 deletions
|
@ -930,6 +930,16 @@ static void handle_assoc(struct hostapd_data *hapd,
|
|||
goto fail;
|
||||
}
|
||||
#endif /* CONFIG_IEEE80211R */
|
||||
#ifdef CONFIG_IEEE80211N
|
||||
if ((sta->flags & WLAN_STA_HT) &&
|
||||
wpa_auth_get_pairwise(sta->wpa_sm) == WPA_CIPHER_TKIP) {
|
||||
wpa_printf(MSG_DEBUG, "HT: " MACSTR " tried to "
|
||||
"use TKIP with HT association",
|
||||
MAC2STR(sta->addr));
|
||||
resp = WLAN_STATUS_CIPHER_REJECTED_PER_POLICY;
|
||||
goto fail;
|
||||
}
|
||||
#endif /* CONFIG_IEEE80211N */
|
||||
} else
|
||||
wpa_auth_sta_no_wpa(sta->wpa_sm);
|
||||
|
||||
|
|
|
@ -2305,6 +2305,12 @@ int wpa_auth_pairwise_set(struct wpa_state_machine *sm)
|
|||
}
|
||||
|
||||
|
||||
int wpa_auth_get_pairwise(struct wpa_state_machine *sm)
|
||||
{
|
||||
return sm->pairwise;
|
||||
}
|
||||
|
||||
|
||||
int wpa_auth_sta_key_mgmt(struct wpa_state_machine *sm)
|
||||
{
|
||||
if (sm == NULL)
|
||||
|
|
|
@ -246,6 +246,7 @@ int wpa_get_mib(struct wpa_authenticator *wpa_auth, char *buf, size_t buflen);
|
|||
int wpa_get_mib_sta(struct wpa_state_machine *sm, char *buf, size_t buflen);
|
||||
void wpa_auth_countermeasures_start(struct wpa_authenticator *wpa_auth);
|
||||
int wpa_auth_pairwise_set(struct wpa_state_machine *sm);
|
||||
int wpa_auth_get_pairwise(struct wpa_state_machine *sm);
|
||||
int wpa_auth_sta_key_mgmt(struct wpa_state_machine *sm);
|
||||
int wpa_auth_sta_wpa_version(struct wpa_state_machine *sm);
|
||||
int wpa_auth_sta_clear_pmksa(struct wpa_state_machine *sm,
|
||||
|
|
Loading…
Reference in a new issue