aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJouni Malinen <jouni@codeaurora.org>2020-03-25 22:18:06 (GMT)
committerJouni Malinen <j@w1.fi>2020-03-25 22:18:06 (GMT)
commit96686e637cf093d50b4fa5a8cdb6b75663eacb24 (patch)
tree232f157c9832b8227663e1db35c8fdc36efabd90
parent9d1857cf35c8b52c21df672bd277058af542edce (diff)
downloadhostap-96686e637cf093d50b4fa5a8cdb6b75663eacb24.zip
hostap-96686e637cf093d50b4fa5a8cdb6b75663eacb24.tar.gz
hostap-96686e637cf093d50b4fa5a8cdb6b75663eacb24.tar.bz2
wpa_supplicant AP mode configuration for Transition Disable KDE
Allow AP mode network profile in wpa_supplicant to be configured to advertise Transition Disable DKE. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
-rw-r--r--wpa_supplicant/ap.c2
-rw-r--r--wpa_supplicant/config.c1
-rw-r--r--wpa_supplicant/config_file.c1
-rw-r--r--wpa_supplicant/config_ssid.h20
4 files changed, 24 insertions, 0 deletions
diff --git a/wpa_supplicant/ap.c b/wpa_supplicant/ap.c
index ee7c755..6241682 100644
--- a/wpa_supplicant/ap.c
+++ b/wpa_supplicant/ap.c
@@ -607,6 +607,8 @@ no_wps:
bss->ftm_responder = wpa_s->conf->ftm_responder;
bss->ftm_initiator = wpa_s->conf->ftm_initiator;
+ bss->transition_disable = ssid->transition_disable;
+
return 0;
}
diff --git a/wpa_supplicant/config.c b/wpa_supplicant/config.c
index 30801ab..e86fd7f 100644
--- a/wpa_supplicant/config.c
+++ b/wpa_supplicant/config.c
@@ -2577,6 +2577,7 @@ static const struct parse_data ssid_fields[] = {
{ INT_RANGE(multi_ap_backhaul_sta, 0, 1) },
{ INT_RANGE(ft_eap_pmksa_caching, 0, 1) },
{ INT_RANGE(beacon_prot, 0, 1) },
+ { INT_RANGE(transition_disable, 0, 255) },
};
#undef OFFSET
diff --git a/wpa_supplicant/config_file.c b/wpa_supplicant/config_file.c
index e77cbca..74068d6 100644
--- a/wpa_supplicant/config_file.c
+++ b/wpa_supplicant/config_file.c
@@ -935,6 +935,7 @@ static void wpa_config_write_network(FILE *f, struct wpa_ssid *ssid)
INT(multi_ap_backhaul_sta);
INT(ft_eap_pmksa_caching);
INT(beacon_prot);
+ INT(transition_disable);
#ifdef CONFIG_HT_OVERRIDES
INT_DEF(disable_ht, DEFAULT_DISABLE_HT);
INT_DEF(disable_ht40, DEFAULT_DISABLE_HT40);
diff --git a/wpa_supplicant/config_ssid.h b/wpa_supplicant/config_ssid.h
index 24c7a3d..618145e 100644
--- a/wpa_supplicant/config_ssid.h
+++ b/wpa_supplicant/config_ssid.h
@@ -1070,6 +1070,26 @@ struct wpa_ssid {
* enabled.
*/
int beacon_prot;
+
+ /**
+ * transition_disable - Transition Disable indication
+ * The AP can notify authenticated stations to disable transition mode
+ * in their network profiles when the network has completed transition
+ * steps, i.e., once sufficiently large number of APs in the ESS have
+ * been updated to support the more secure alternative. When this
+ * indication is used, the stations are expected to automatically
+ * disable transition mode and less secure security options. This
+ * includes use of WEP, TKIP (including use of TKIP as the group
+ * cipher), and connections without PMF.
+ * Bitmap bits:
+ * bit 0 (0x01): WPA3-Personal (i.e., disable WPA2-Personal = WPA-PSK
+ * and only allow SAE to be used)
+ * bit 1 (0x02): SAE-PK (disable SAE without use of SAE-PK)
+ * bit 2 (0x04): WPA3-Enterprise (move to requiring PMF)
+ * bit 3 (0x08): Enhanced Open (disable use of open network; require
+ * OWE)
+ */
+ u8 transition_disable;
};
#endif /* CONFIG_SSID_H */