Skip to content

Commit fa11c44

Browse files
gangli02krish2718
gangli02
authored and
krish2718
committed
[nrf fromtree] modules: hostap: set the cipher suites for WPA2 & WPA3 SAE mode
When the external AP is in WPA3 SAE mode, the group cipher uses TKIP and the pairwise cipher uses TKIP and CCMP. Should not connect to the AP. For WPA2 & WPA3 SAE & WPA2/WPA3 mixed mode, set group cipher to CCMP, pairwise cipher to CCMP. Signed-off-by: Gang Li <[email protected]> (cherry picked from commit c8fa5e5)
1 parent 3fd018f commit fa11c44

File tree

1 file changed

+33
-0
lines changed

1 file changed

+33
-0
lines changed

modules/hostap/src/supp_api.c

Lines changed: 33 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -752,6 +752,14 @@ static int wpas_add_and_config_network(struct wpa_supplicant *wpa_s,
752752
goto out;
753753
}
754754
}
755+
756+
if (!wpa_cli_cmd_v("set_network %d group CCMP", resp.network_id)) {
757+
goto out;
758+
}
759+
760+
if (!wpa_cli_cmd_v("set_network %d pairwise CCMP", resp.network_id)) {
761+
goto out;
762+
}
755763
} else if (params->security == WIFI_SECURITY_TYPE_PSK_SHA256) {
756764
if (!wpa_cli_cmd_v("set_network %d psk \"%s\"",
757765
resp.network_id, psk_null_terminated)) {
@@ -762,6 +770,14 @@ static int wpas_add_and_config_network(struct wpa_supplicant *wpa_s,
762770
resp.network_id)) {
763771
goto out;
764772
}
773+
774+
if (!wpa_cli_cmd_v("set_network %d group CCMP", resp.network_id)) {
775+
goto out;
776+
}
777+
778+
if (!wpa_cli_cmd_v("set_network %d pairwise CCMP", resp.network_id)) {
779+
goto out;
780+
}
765781
} else if (params->security == WIFI_SECURITY_TYPE_PSK ||
766782
params->security == WIFI_SECURITY_TYPE_WPA_PSK) {
767783
if (!wpa_cli_cmd_v("set_network %d psk \"%s\"",
@@ -779,6 +795,15 @@ static int wpas_add_and_config_network(struct wpa_supplicant *wpa_s,
779795
resp.network_id)) {
780796
goto out;
781797
}
798+
} else {
799+
if (!wpa_cli_cmd_v("set_network %d group CCMP", resp.network_id)) {
800+
goto out;
801+
}
802+
803+
if (!wpa_cli_cmd_v("set_network %d pairwise CCMP",
804+
resp.network_id)) {
805+
goto out;
806+
}
782807
}
783808
} else if (params->security == WIFI_SECURITY_TYPE_WPA_AUTO_PERSONAL) {
784809
if (!wpa_cli_cmd_v("set_network %d psk \"%s\"", resp.network_id,
@@ -806,6 +831,14 @@ static int wpas_add_and_config_network(struct wpa_supplicant *wpa_s,
806831
resp.network_id)) {
807832
goto out;
808833
}
834+
835+
if (!wpa_cli_cmd_v("set_network %d group CCMP", resp.network_id)) {
836+
goto out;
837+
}
838+
839+
if (!wpa_cli_cmd_v("set_network %d pairwise CCMP", resp.network_id)) {
840+
goto out;
841+
}
809842
#ifdef CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE
810843
} else if (is_eap_valid_security(params->security)) {
811844
if (process_cipher_config(params, &cipher_config)) {

0 commit comments

Comments
 (0)