Fix wpa_key_mgmt and wpa_pairwise configuration for non-WPA

These hostapd configuration parameter was left at the default values
(WPA-PSK/TKIP) even for cases where WPA was disabled. While these
parameters are not really used much in non-WPA cases, they do get used
for one corner case in nl80211 configuration to disable encryption of
EAPOL frames in IEEE 802.1X WEP case.

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2014-12-20 17:45:03 +02:00
parent 533fe09b78
commit 13a3a20dfe

View file

@ -890,12 +890,20 @@ void hostapd_set_security_params(struct hostapd_bss_config *bss,
int cipher = WPA_CIPHER_NONE; int cipher = WPA_CIPHER_NONE;
bss->ssid.security_policy = SECURITY_IEEE_802_1X; bss->ssid.security_policy = SECURITY_IEEE_802_1X;
bss->ssid.wep.default_len = bss->default_wep_key_len; bss->ssid.wep.default_len = bss->default_wep_key_len;
if (bss->default_wep_key_len) if (full_config && bss->default_wep_key_len) {
cipher = bss->default_wep_key_len >= 13 ? cipher = bss->default_wep_key_len >= 13 ?
WPA_CIPHER_WEP104 : WPA_CIPHER_WEP40; WPA_CIPHER_WEP104 : WPA_CIPHER_WEP40;
} else if (full_config && bss->ssid.wep.keys_set) {
if (bss->ssid.wep.len[0] >= 13)
cipher = WPA_CIPHER_WEP104;
else
cipher = WPA_CIPHER_WEP40;
}
bss->wpa_group = cipher; bss->wpa_group = cipher;
bss->wpa_pairwise = cipher; bss->wpa_pairwise = cipher;
bss->rsn_pairwise = cipher; bss->rsn_pairwise = cipher;
if (full_config)
bss->wpa_key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
} else if (bss->ssid.wep.keys_set) { } else if (bss->ssid.wep.keys_set) {
int cipher = WPA_CIPHER_WEP40; int cipher = WPA_CIPHER_WEP40;
if (bss->ssid.wep.len[0] >= 13) if (bss->ssid.wep.len[0] >= 13)
@ -904,6 +912,8 @@ void hostapd_set_security_params(struct hostapd_bss_config *bss,
bss->wpa_group = cipher; bss->wpa_group = cipher;
bss->wpa_pairwise = cipher; bss->wpa_pairwise = cipher;
bss->rsn_pairwise = cipher; bss->rsn_pairwise = cipher;
if (full_config)
bss->wpa_key_mgmt = WPA_KEY_MGMT_NONE;
} else if (bss->osen) { } else if (bss->osen) {
bss->ssid.security_policy = SECURITY_OSEN; bss->ssid.security_policy = SECURITY_OSEN;
bss->wpa_group = WPA_CIPHER_CCMP; bss->wpa_group = WPA_CIPHER_CCMP;
@ -914,5 +924,7 @@ void hostapd_set_security_params(struct hostapd_bss_config *bss,
bss->wpa_group = WPA_CIPHER_NONE; bss->wpa_group = WPA_CIPHER_NONE;
bss->wpa_pairwise = WPA_CIPHER_NONE; bss->wpa_pairwise = WPA_CIPHER_NONE;
bss->rsn_pairwise = WPA_CIPHER_NONE; bss->rsn_pairwise = WPA_CIPHER_NONE;
if (full_config)
bss->wpa_key_mgmt = WPA_KEY_MGMT_NONE;
} }
} }