aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJouni Malinen <jouni@codeaurora.org>2019-09-19 18:25:52 (GMT)
committerJouni Malinen <j@w1.fi>2019-09-21 13:30:35 (GMT)
commitd0a4ed6a1b1550897e4cde028e85be4a76ef180d (patch)
tree709f203c66080376f5c24c95fcb54838480386e8
parent7846e8d6086bbbbf549a21fd505847e169d2f303 (diff)
downloadhostap-d0a4ed6a1b1550897e4cde028e85be4a76ef180d.zip
hostap-d0a4ed6a1b1550897e4cde028e85be4a76ef180d.tar.gz
hostap-d0a4ed6a1b1550897e4cde028e85be4a76ef180d.tar.bz2
Allow SAE to be used in wpa_supplicant AP mode
SAE password configuration for AP mode requires additional steps compared to PSK cases. Previous implementation allowed SAE to be configured, but all authentication attempts would fail due to no password being available. Now both psk and sae_password/sae_password_id parameters are translated properly to the hostapd configuration structures to fix this. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
-rw-r--r--wpa_supplicant/ap.c30
1 files changed, 29 insertions, 1 deletions
diff --git a/wpa_supplicant/ap.c b/wpa_supplicant/ap.c
index dff1cbe..725e096 100644
--- a/wpa_supplicant/ap.c
+++ b/wpa_supplicant/ap.c
@@ -381,7 +381,9 @@ static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s,
else
bss->wpa_key_mgmt = ssid->key_mgmt;
bss->wpa_pairwise = ssid->pairwise_cipher;
- if (ssid->psk_set) {
+ if (wpa_key_mgmt_sae(bss->wpa_key_mgmt) && ssid->passphrase) {
+ bss->ssid.wpa_passphrase = os_strdup(ssid->passphrase);
+ } else if (ssid->psk_set) {
bin_clear_free(bss->ssid.wpa_psk, sizeof(*bss->ssid.wpa_psk));
bss->ssid.wpa_psk = os_zalloc(sizeof(struct hostapd_wpa_psk));
if (bss->ssid.wpa_psk == NULL)
@@ -407,6 +409,32 @@ static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s,
wep->idx = ssid->wep_tx_keyidx;
wep->keys_set = 1;
}
+#ifdef CONFIG_SAE
+ if (ssid->sae_password) {
+ struct sae_password_entry *pw;
+
+ pw = os_zalloc(sizeof(*pw));
+ if (!pw)
+ return -1;
+ os_memset(pw->peer_addr, 0xff, ETH_ALEN);
+ pw->password = os_strdup(ssid->sae_password);
+ if (!pw->password) {
+ os_free(pw);
+ return -1;
+ }
+ if (ssid->sae_password_id) {
+ pw->identifier = os_strdup(ssid->sae_password_id);
+ if (!pw->identifier) {
+ str_clear_free(pw->password);
+ os_free(pw);
+ return -1;
+ }
+ }
+
+ pw->next = bss->sae_passwords;
+ bss->sae_passwords = pw;
+ }
+#endif /* CONFIG_SAE */
if (wpa_s->conf->go_interworking) {
wpa_printf(MSG_DEBUG,