| Message ID | CAJwzM1=W2FTSb5=nT3=Lv2_Vq=xj6seOpL63VEGGzcaZYJoxpw@mail.gmail.com |
|---|---|
| State | Accepted |
| Commit | d8a085508cedd7d9158b19219b59eef236020c67 |
| Headers | show |
On Tue, Aug 14, 2012 at 10:56:50AM +0530, Avinash Patil wrote: > TC4.1.11 from WSC2.0 test plan mandates to disable WPS > when AP is configured as WPA-TKIP only. > This patches disables WPS if AP configuration is WPA-TKIP. This type of functionality should really be at a higher level in the system so that the user will be notified that WPS will be disabled (and to provide an option to enable WPA2/CCMP to re-enable WPS).
Hi Jouni, Thanks for comment. hostapd handles other WSC2.0 negative tests- e.g. disable WPS when WEP encryption is set, disable WPS when BSS is configured as hidden network. So I think its good to have this check in hostapd itself. Please let me know your comments. Best Regards, Avinash On Wed, Aug 15, 2012 at 11:06 PM, Jouni Malinen <j@w1.fi> wrote: > On Tue, Aug 14, 2012 at 10:56:50AM +0530, Avinash Patil wrote: >> TC4.1.11 from WSC2.0 test plan mandates to disable WPS >> when AP is configured as WPA-TKIP only. >> This patches disables WPS if AP configuration is WPA-TKIP. > > This type of functionality should really be at a higher level in the > system so that the user will be notified that WPS will be disabled (and > to provide an option to enable WPA2/CCMP to re-enable WPS). > > -- > Jouni Malinen PGP id EFC895FA > _______________________________________________ > HostAP mailing list > HostAP@lists.shmoo.com > http://lists.shmoo.com/mailman/listinfo/hostap
On Thu, Aug 16, 2012 at 10:42:07AM +0530, Avinash Patil wrote: > hostapd handles other WSC2.0 negative tests- e.g. disable WPS when WEP > encryption is set, disable WPS when BSS is configured as hidden network. So > I think its good to have this check in hostapd itself. I would not count on hostapd enforcing all the UI or configuration requirements for WPS 2.0.. Anyway, I did apply this, but with some changes to make it match with the WSC 2.0 requirement, i.e., if WPA is enabled, WPA2/CCMP has to be enabled (e.g., WPA/CCMP would not be enough and neither would WPA/CCMP with WPA2/TKIP).
Thanks a lot Jouni. Yes; your check for determining WPA/TKIP configuration is stricter and better. Best Regards, Avinash. On Fri, Aug 17, 2012 at 9:55 PM, Jouni Malinen <j@w1.fi> wrote: > On Thu, Aug 16, 2012 at 10:42:07AM +0530, Avinash Patil wrote: > > hostapd handles other WSC2.0 negative tests- e.g. disable WPS when WEP > > encryption is set, disable WPS when BSS is configured as hidden network. > So > > I think its good to have this check in hostapd itself. > > I would not count on hostapd enforcing all the UI or configuration > requirements for WPS 2.0.. Anyway, I did apply this, but with some > changes to make it match with the WSC 2.0 requirement, i.e., if WPA > is enabled, WPA2/CCMP has to be enabled (e.g., WPA/CCMP would not be > enough and neither would WPA/CCMP with WPA2/TKIP). > > -- > Jouni Malinen PGP id EFC895FA > _______________________________________________ > HostAP mailing list > HostAP@lists.shmoo.com > http://lists.shmoo.com/mailman/listinfo/hostap >
diff --git a/hostapd/config_file.c b/hostapd/config_file.c index 03f29ad..ad66744 100644 --- a/hostapd/config_file.c +++ b/hostapd/config_file.c @@ -1288,6 +1288,13 @@ static int hostapd_config_check_bss(struct hostapd_bss_config *bss, "disabled"); bss->wps_state = 0; } + if (bss->wps_state && bss->wpa == 1 && + !(bss->wpa_pairwise & WPA_CIPHER_CCMP) && + !(bss->rsn_pairwise & WPA_CIPHER_CCMP)) { + bss->wps_state = 0; + wpa_printf(MSG_INFO, "WPS: WPA-TKIP configuration forced WPS to" + " be disabled"); + } #endif /* CONFIG_WPS2 */
TC4.1.11 from WSC2.0 test plan mandates to disable WPS when AP is configured as WPA-TKIP only. This patches disables WPS if AP configuration is WPA-TKIP. Signed-off-by: Avinash Patil <patila@marvell.com> --- hostapd/config_file.c | 7 +++++++ 1 files changed, 7 insertions(+), 0 deletions(-) return 0;