From patchwork Sun Jan 25 14:30:44 2015
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Stijn Tintel <stijn@linux-ipv6.be>
X-Patchwork-Id: 432511
X-Patchwork-Delegate: nbd@openwrt.org
Return-Path: <openwrt-devel-bounces@lists.openwrt.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from arrakis.dune.hu (arrakis.dune.hu [78.24.191.176])
	(using TLSv1.1 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id DD13A1401D0
	for <incoming@patchwork.ozlabs.org>;
	Mon, 26 Jan 2015 01:31:34 +1100 (AEDT)
Received: from arrakis.dune.hu (localhost [127.0.0.1])
	by arrakis.dune.hu (Postfix) with ESMTP id 7FF7D28BE2B;
	Sun, 25 Jan 2015 15:28:47 +0100 (CET)
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on arrakis.dune.hu
X-Spam-Level: 
X-Spam-Status: No, score=-1.5 required=5.0 tests=BAYES_00
	autolearn=unavailable version=3.3.2
Received: from arrakis.dune.hu (localhost [127.0.0.1])
	by arrakis.dune.hu (Postfix) with ESMTP id E616B28BE0D
	for <openwrt-devel@lists.openwrt.org>;
	Sun, 25 Jan 2015 15:28:32 +0100 (CET)
X-policyd-weight: NOT_IN_SBL_XBL_SPAMHAUS=-1.5 NOT_IN_SPAMCOP=-1.5
	NOT_IN_BL_NJABL=-1.5 CL_IP_EQ_FROM_MX=-3.1; rate: -7.6
Received: from mail.tintel.eu (mail.tintel.eu [62.213.201.86])
	by arrakis.dune.hu (Postfix) with ESMTPS
	for <openwrt-devel@lists.openwrt.org>;
	Sun, 25 Jan 2015 15:28:30 +0100 (CET)
Received: from localhost (localhost [IPv6:::1])
	by mail.tintel.eu (Postfix) with ESMTP id AB40A2A3476
	for <openwrt-devel@lists.openwrt.org>;
	Sun, 25 Jan 2015 15:30:51 +0100 (CET)
Received: from mail.tintel.eu ([IPv6:::1])
	by localhost (mail.tintel.eu [IPv6:::1]) (amavisd-new, port 10032)
	with ESMTP id Sm1OIkmy1eLs for <openwrt-devel@lists.openwrt.org>;
	Sun, 25 Jan 2015 15:30:51 +0100 (CET)
Received: from localhost (localhost [IPv6:::1])
	by mail.tintel.eu (Postfix) with ESMTP id 98E9A2A3473
	for <openwrt-devel@lists.openwrt.org>;
	Sun, 25 Jan 2015 15:30:50 +0100 (CET)
X-Virus-Scanned: amavisd-new at mail.tintel.eu
Received: from mail.tintel.eu ([IPv6:::1])
	by localhost (mail.tintel.eu [IPv6:::1]) (amavisd-new, port 10026)
	with ESMTP id DeMgVATbVEca for <openwrt-devel@lists.openwrt.org>;
	Sun, 25 Jan 2015 15:30:50 +0100 (CET)
Received: from taz.st-esk.be.tintel.eu (unknown
	[IPv6:2a02:1811:80:50:12bf:48ff:fed5:44b8])
	by mail.tintel.eu (Postfix) with SMTP id 0DFE12A3476
	for <openwrt-devel@lists.openwrt.org>;
	Sun, 25 Jan 2015 15:30:49 +0100 (CET)
Received: by taz.st-esk.be.tintel.eu (sSMTP sendmail emulation);
	Sun, 25 Jan 2015 15:30:50 +0100
From: Stijn Tintel <stijn@linux-ipv6.be>
To: openwrt-devel@lists.openwrt.org
Date: Sun, 25 Jan 2015 15:30:44 +0100
Message-Id: <1422196245-2289-3-git-send-email-stijn@linux-ipv6.be>
X-Mailer: git-send-email 2.0.5
In-Reply-To: <1422196245-2289-1-git-send-email-stijn@linux-ipv6.be>
References: <1422196245-2289-1-git-send-email-stijn@linux-ipv6.be>
Subject: [OpenWrt-Devel] [RFC PATCH 2/3] hostapd: allow multiple key
	management algorithms
X-BeenThere: openwrt-devel@lists.openwrt.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OpenWrt Development List <openwrt-devel.lists.openwrt.org>
List-Unsubscribe: 
 <https://lists.openwrt.org/cgi-bin/mailman/options/openwrt-devel>,
	<mailto:openwrt-devel-request@lists.openwrt.org?subject=unsubscribe>
List-Archive: <http://lists.openwrt.org/pipermail/openwrt-devel/>
List-Post: <mailto:openwrt-devel@lists.openwrt.org>
List-Help: <mailto:openwrt-devel-request@lists.openwrt.org?subject=help>
List-Subscribe: 
 <https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel>,
	<mailto:openwrt-devel-request@lists.openwrt.org?subject=subscribe>
MIME-Version: 1.0
Errors-To: openwrt-devel-bounces@lists.openwrt.org
Sender: "openwrt-devel" <openwrt-devel-bounces@lists.openwrt.org>

To enable 802.11r, wpa_key_mgmt should contain FT-EAP or FT-PSK. Allow
multiple key management algorithms to make this possible.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
---
 package/network/services/hostapd/files/hostapd.sh | 6 ++++--
 package/network/services/hostapd/files/netifd.sh  | 6 ++++--
 2 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/package/network/services/hostapd/files/hostapd.sh b/package/network/services/hostapd/files/hostapd.sh
index 2a38d16..a4b38d7 100644
--- a/package/network/services/hostapd/files/hostapd.sh
+++ b/package/network/services/hostapd/files/hostapd.sh
@@ -1,7 +1,7 @@
 hostapd_set_bss_options() {
 	local var="$1"
 	local vif="$2"
-	local enc wep_rekey wpa_group_rekey wpa_pair_rekey wpa_master_rekey wps_possible
+	local enc wep_rekey wpa_group_rekey wpa_pair_rekey wpa_master_rekey wps_possible wpa_key_mgmt
 
 	config_get enc "$vif" encryption "none"
 	config_get wep_rekey        "$vif" wep_rekey        # 300
@@ -92,6 +92,7 @@ hostapd_set_bss_options() {
 			[ -n "$wpa_group_rekey"  ] && append "$var" "wpa_group_rekey=$wpa_group_rekey" "$N"
 			[ -n "$wpa_pair_rekey"   ] && append "$var" "wpa_ptk_rekey=$wpa_pair_rekey"    "$N"
 			[ -n "$wpa_master_rekey" ] && append "$var" "wpa_gmk_rekey=$wpa_master_rekey"  "$N"
+			append wpa_key_mgmt "WPA-PSK"
 		;;
 		*wpa*|*8021x*)
 			# required fields? formats?
@@ -133,7 +134,7 @@ hostapd_set_bss_options() {
 			append "$var" "own_ip_addr=$ownip" "$N"
 			append "$var" "eapol_key_index_workaround=1" "$N"
 			append "$var" "ieee8021x=1" "$N"
-			append "$var" "wpa_key_mgmt=WPA-EAP" "$N"
+			append wpa_key_mgmt "WPA-EAP"
 			[ -n "$wpa_group_rekey"  ] && append "$var" "wpa_group_rekey=$wpa_group_rekey" "$N"
 			[ -n "$wpa_pair_rekey"   ] && append "$var" "wpa_ptk_rekey=$wpa_pair_rekey"    "$N"
 			[ -n "$wpa_master_rekey" ] && append "$var" "wpa_gmk_rekey=$wpa_master_rekey"  "$N"
@@ -218,6 +219,7 @@ hostapd_set_bss_options() {
 	then
 		config_get nasid "$vif" nasid
 		[ -n "$nasid" ] && append "$var" "nas_identifier=$nasid" "$N"
+		[ -n "wpa_key_mgmt" ] && append "$var" "wpa_key_mgmt=$wpa_key_mgmt"
 	fi
 
 	if [ "$wpa" -ge "2" ]
diff --git a/package/network/services/hostapd/files/netifd.sh b/package/network/services/hostapd/files/netifd.sh
index 2771c1a..666823b 100644
--- a/package/network/services/hostapd/files/netifd.sh
+++ b/package/network/services/hostapd/files/netifd.sh
@@ -166,7 +166,7 @@ hostapd_set_bss_options() {
 	wireless_vif_parse_encryption
 
 	local bss_conf
-	local wep_rekey wpa_group_rekey wpa_pair_rekey wpa_master_rekey
+	local wep_rekey wpa_group_rekey wpa_pair_rekey wpa_master_rekey wpa_key_mgmt
 
 	json_get_vars \
 		wep_rekey wpa_group_rekey wpa_pair_rekey wpa_master_rekey \
@@ -230,6 +230,7 @@ hostapd_set_bss_options() {
 				append bss_conf "wpa_psk_file=$wpa_psk_file" "$N"
 			}
 			wps_possible=1
+			append wpa_key_mgmt "WPA-PSK"
 		;;
 		eap)
 			json_get_vars \
@@ -273,7 +274,7 @@ hostapd_set_bss_options() {
 			[ -n "$ownip" ] && append bss_conf "own_ip_addr=$ownip" "$N"
 			append bss_conf "eapol_key_index_workaround=1" "$N"
 			append bss_conf "ieee8021x=1" "$N"
-			append bss_conf "wpa_key_mgmt=WPA-EAP" "$N"
+			append wpa_key_mgmt "WPA-EAP"
 
 			[ -n "$dynamic_vlan" ] && {
 				append bss_conf "dynamic_vlan=$dynamic_vlan" "$N"
@@ -338,6 +339,7 @@ hostapd_set_bss_options() {
 	if [ "$wpa" -ge "1" ]; then
 		json_get_vars nasid
 		[ -n "$nasid" ] && append bss_conf "nas_identifier=$nasid" "$N"
+		[ -n "$wpa_key_mgmt" ] && append bss_conf "wpa_key_mgmt=$wpa_key_mgmt" "$N"
 	fi
 
 	if [ "$wpa" -ge "2" ]; then