aboutsummaryrefslogtreecommitdiffstats
path: root/hostapd
diff options
context:
space:
mode:
authorJouni Malinen <jouni@qca.qualcomm.com>2017-07-03 10:42:55 (GMT)
committerJouni Malinen <j@w1.fi>2017-07-03 10:42:55 (GMT)
commit90f837b0bfb26f9c26111fef39199190b9f820f2 (patch)
tree3c85cf0ce642ecc23394e71e1b06e404a9276c1f /hostapd
parent787615b38161ae7947314cc4b9e1905853d151e2 (diff)
downloadhostap-90f837b0bfb26f9c26111fef39199190b9f820f2.zip
hostap-90f837b0bfb26f9c26111fef39199190b9f820f2.tar.gz
hostap-90f837b0bfb26f9c26111fef39199190b9f820f2.tar.bz2
Update default wpa_group_rekey to once-per-day when using CCMP/GCMP
The default value for GTK rekeying period was previously hardcoded to 600 seconds for all cases. Leave that short value only for TKIP as group cipher while moving to the IEEE 802.11 default value of 86400 seconds (once-per-day) for CCMP/GCMP. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Diffstat (limited to 'hostapd')
-rw-r--r--hostapd/config_file.c1
-rw-r--r--hostapd/hostapd.conf5
2 files changed, 5 insertions, 1 deletions
diff --git a/hostapd/config_file.c b/hostapd/config_file.c
index 0955f91..14d4ee7 100644
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -2513,6 +2513,7 @@ static int hostapd_config_fill(struct hostapd_config *conf,
bss->wpa = atoi(pos);
} else if (os_strcmp(buf, "wpa_group_rekey") == 0) {
bss->wpa_group_rekey = atoi(pos);
+ bss->wpa_group_rekey_set = 1;
} else if (os_strcmp(buf, "wpa_strict_rekey") == 0) {
bss->wpa_strict_rekey = atoi(pos);
} else if (os_strcmp(buf, "wpa_gmk_rekey") == 0) {
diff --git a/hostapd/hostapd.conf b/hostapd/hostapd.conf
index 9b9ab10..980c138 100644
--- a/hostapd/hostapd.conf
+++ b/hostapd/hostapd.conf
@@ -1282,7 +1282,10 @@ own_ip_addr=127.0.0.1
# Time interval for rekeying GTK (broadcast/multicast encryption keys) in
# seconds. (dot11RSNAConfigGroupRekeyTime)
-#wpa_group_rekey=600
+# This defaults to 86400 seconds (once per day) when using CCMP/GCMP as the
+# group cipher and 600 seconds (once per 10 minutes) when using TKIP as the
+# group cipher.
+#wpa_group_rekey=86400
# Rekey GTK when any STA that possesses the current GTK is leaving the BSS.
# (dot11RSNAConfigGroupRekeyStrict)