From patchwork Mon Oct 17 14:53:09 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Filip Matusiak X-Patchwork-Id: 683298 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2001:1868:205::9]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 3sySX247RFz9sBR for ; Tue, 18 Oct 2016 06:12:50 +1100 (AEDT) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=tieto.com header.i=@tieto.com header.b=Ly5TJipd; dkim-atps=neutral Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.85_2 #1 (Red Hat Linux)) id 1bwDKq-0006lD-Hr; Mon, 17 Oct 2016 19:12:32 +0000 Received: from mail-lf0-x22d.google.com ([2a00:1450:4010:c07::22d]) by bombadil.infradead.org with esmtps (Exim 4.85_2 #1 (Red Hat Linux)) id 1bw9IJ-0007oR-6n for hostap@lists.infradead.org; Mon, 17 Oct 2016 14:53:40 +0000 Received: by mail-lf0-x22d.google.com with SMTP id b81so289075091lfe.1 for ; Mon, 17 Oct 2016 07:53:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tieto.com; s=google; h=from:to:cc:subject:date:message-id; bh=tKXGYQx0IJnABsjaYo7dq1l4zp9RGfjkTapKza9Hsb4=; b=Ly5TJipd97xkXmpcJanoE0wdplp1TC6oal/QQjqaQzYmlhplZyjcGhs6TAqQ0QTxBE a5d3wtNRyD0jE9rmoaEzbplcLFCWsguSqGPbXGJlvuX9k8ijLc9scRQbqLyld8R5V65q 9Uy4vmHKe47HNrlOq3iGtgrVgC81ZoAWrr9W8= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=tKXGYQx0IJnABsjaYo7dq1l4zp9RGfjkTapKza9Hsb4=; b=EvETwgCwn2GJGjHRXkEv5oSYDGT57J1y2xaEmjsFB4wNQxVdmiQZKG8JWfYoymknmw 8QxhggzwrjqQe76v5s4nXGXizAOCf5xz6MyL7twQD1gi15qIjGJWYVkT92mPI+Q5KLtC bx8l5w5M2VGE8vU4692AD3jikDqICSzRLccYwxYn4vE0F6Mo/AILX/fErYRoAFRcjXeP MhCnC0ch4rnZmXOFZx5sUPKIAbrNzNDDWeAhWb4Q/fego03DMYiy//XE/Z9t7sMNkC3c XSFvBjV9/KztYDUoXPb9wXeY6xaBLuZ45IuLA/eH06AUI5Rq610HKWCdPq2lQBwEcBsH QMWA== X-Gm-Message-State: AA6/9Rlb30h6XWe+S8OLvk1z4O5R9S8GesLUzLMl0AmzyJ0coj1xDGe4LyM4e0X3rG7IbC7QIFc42ag271uuH/xdYw6a8e7B+nDSDiTcZ28SIswY8RjhdDvQnIa4rhu9CZ4k/kqvIUzYNBFV82bnUxQAAT0+Q+M6qTw3HLjwEt5b6MnXIDsvliuLCGqpl4vWzng= X-Received: by 10.25.32.69 with SMTP id g66mr15449032lfg.15.1476715994731; Mon, 17 Oct 2016 07:53:14 -0700 (PDT) Received: from localhost.localdomain ([91.198.246.8]) by smtp.gmail.com with ESMTPSA id u68sm7954287lfg.31.2016.10.17.07.53.13 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 17 Oct 2016 07:53:13 -0700 (PDT) From: Filip Matusiak To: hostap@lists.infradead.org Subject: [PATCH] AP: Disable VHT in TKIP configuration Date: Mon, 17 Oct 2016 16:53:09 +0200 Message-Id: <1476715989-1251-1-git-send-email-filip.matusiak@tieto.com> X-Mailer: git-send-email 2.7.4 X-DomainID: tieto.com X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20161017_075339_678946_20E67330 X-CRM114-Status: UNSURE ( 9.06 ) X-CRM114-Notice: Please train this message. X-Spam-Score: -2.7 (--) X-Spam-Report: SpamAssassin version 3.4.0 on bombadil.infradead.org summary: Content analysis details: (-2.7 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low trust [2a00:1450:4010:c07:0:0:0:22d listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% [score: 0.0000] -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid X-Mailman-Approved-At: Mon, 17 Oct 2016 12:12:30 -0700 X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: marek.kwaczynski@tieto.com, michal.kazior@tieto.com, filip.matusiak@tieto.com MIME-Version: 1.0 Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org This has already been done for WEP, but there's same constraint for not allowing VTH rates in case of TKIP. Signed-off-by: Filip Matusiak --- src/ap/ap_config.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/src/ap/ap_config.c b/src/ap/ap_config.c index 228de2b..9c178c7 100644 --- a/src/ap/ap_config.c +++ b/src/ap/ap_config.c @@ -848,6 +848,17 @@ static int hostapd_config_check_bss(struct hostapd_bss_config *bss, wpa_printf(MSG_ERROR, "VHT (IEEE 802.11ac) with WEP is not allowed, disabling VHT capabilities"); } + + if (full_config && conf->ieee80211ac && bss->wpa && + !(bss->wpa_pairwise & WPA_CIPHER_CCMP) && + !(bss->rsn_pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP | + WPA_CIPHER_CCMP_256 | WPA_CIPHER_GCMP_256))) + { + bss->disable_11ac = 1; + wpa_printf(MSG_ERROR, "VHT (IEEE 802.11ac) with WPA/WPA2 " + "requires CCMP/GCMP to be enabled, disabling VHT " + "capabilities"); + } #endif /* CONFIG_IEEE80211AC */ #ifdef CONFIG_WPS