From a2660890a5ed7a3053d0ed5976df7879ab2509da Mon Sep 17 00:00:00 2001
From: Shiva Sankar Gajula <c_ssgaju@qti.qualcomm.com>
Date: Sat, 2 Dec 2017 01:22:55 +0200
Subject: [PATCH] WPS: Allow WPS to be enabled in CCMP-256 and GCMP-256 only
 cases

Extend the check against WPA/TKIP only configuration by adding CCMP-256
and GCMP-256 to the list of allowed ciphers. This is needed to allow WPS
to be enabled in AP configurations where neither CCMP-128 nor GCMP-128
are enabled.

Signed-off-by: Shiva Sankar Gajula <sgajula@qti.qualcomm.com>
---
 src/ap/ap_config.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/ap/ap_config.c b/src/ap/ap_config.c
index 68658ae36..23e1bed5e 100644
--- a/src/ap/ap_config.c
+++ b/src/ap/ap_config.c
@@ -936,7 +936,9 @@ static int hostapd_config_check_bss(struct hostapd_bss_config *bss,
 
 	if (full_config && bss->wps_state && bss->wpa &&
 	    (!(bss->wpa & 2) ||
-	     !(bss->rsn_pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP)))) {
+	     !(bss->rsn_pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP |
+				    WPA_CIPHER_CCMP_256 |
+				    WPA_CIPHER_GCMP_256)))) {
 		wpa_printf(MSG_INFO, "WPS: WPA/TKIP configuration without "
 			   "WPA2/CCMP/GCMP forced WPS to be disabled");
 		bss->wps_state = 0;