DGNum/hostapd
6
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

Update default wpa_group_rekey to once-per-day when using CCMP/GCMP

Browse source 
The default value for GTK rekeying period was previously hardcoded to
600 seconds for all cases. Leave that short value only for TKIP as group
cipher while moving to the IEEE 802.11 default value of 86400 seconds
(once-per-day) for CCMP/GCMP.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
Jouni Malinen 2017-07-03 13:42:55 +03:00 committed by Jouni Malinen
parent 787615b381
commit 90f837b0bf
4 changed files with 9 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

3
src/ap/ap_config.c
View file

@ -1036,6 +1036,9 @@ void hostapd_set_security_params(struct hostapd_bss_config *bss,
bss->rsn_pairwise = bss->wpa_pairwise;
bss->wpa_group = wpa_select_ap_group_cipher(bss->wpa, bss->wpa_pairwise,
bss->rsn_pairwise);
if (!bss->wpa_group_rekey_set)
bss->wpa_group_rekey = bss->wpa_group == WPA_CIPHER_TKIP ?
600 : 86400;
if (full_config) {
bss->radius->auth_server = bss->radius->auth_servers;