aboutsummaryrefslogtreecommitdiffstats
path: root/hostapd
diff options
context:
space:
mode:
authorMichael Braun <michael-dev@fami-braun.de>2016-09-24 20:53:42 (GMT)
committerJouni Malinen <j@w1.fi>2016-10-09 08:57:56 (GMT)
commit96590564d658cf344778e9c84bcd58d39764e11d (patch)
tree05a794a163890314b0bf11fa492cf025deeb5697 /hostapd
parenta25e4efc9e428d968e83398bd8c9c94698ba5851 (diff)
downloadhostap-96590564d658cf344778e9c84bcd58d39764e11d.zip
hostap-96590564d658cf344778e9c84bcd58d39764e11d.tar.gz
hostap-96590564d658cf344778e9c84bcd58d39764e11d.tar.bz2
FT: Allow PMK-R0 and PMK-R1 for FT-PSK to be generated locally
Station should be able to connect initially without ft_pmk_cache filled, so the target AP has the PSK available and thus the same information as the origin AP. Therefore neither caching nor communication between the APs with respect to PMK-R0 or PMK-R1 or VLANs is required if the target AP derives the required PMKs locally. This patch introduces the generation of the required PMKs locally for FT-PSK. Additionally, PMK-R0 is not stored (and thus pushed) for FT-PSK. So for FT-PSK networks, no configuration of inter-AP communication is needed anymore when using ft_psk_generate_local=1 configuration. The default behavior (ft_psk_generate_local=0) remains to use the pull/push protocol. Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
Diffstat (limited to 'hostapd')
-rw-r--r--hostapd/config_file.c2
-rw-r--r--hostapd/hostapd.conf8
2 files changed, 10 insertions, 0 deletions
diff --git a/hostapd/config_file.c b/hostapd/config_file.c
index 5079f69..2d67282 100644
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -2559,6 +2559,8 @@ static int hostapd_config_fill(struct hostapd_config *conf,
bss->pmk_r1_push = atoi(pos);
} else if (os_strcmp(buf, "ft_over_ds") == 0) {
bss->ft_over_ds = atoi(pos);
+ } else if (os_strcmp(buf, "ft_psk_generate_local") == 0) {
+ bss->ft_psk_generate_local = atoi(pos);
#endif /* CONFIG_IEEE80211R */
#ifndef CONFIG_NO_CTRL_IFACE
} else if (os_strcmp(buf, "ctrl_interface") == 0) {
diff --git a/hostapd/hostapd.conf b/hostapd/hostapd.conf
index fa9a855..b5f5b17 100644
--- a/hostapd/hostapd.conf
+++ b/hostapd/hostapd.conf
@@ -1326,6 +1326,14 @@ own_ip_addr=127.0.0.1
# 1 = FT-over-DS enabled (default)
#ft_over_ds=1
+# Whether to generate FT response locally for PSK networks
+# This avoids use of PMK-R1 push/pull from other APs with FT-PSK networks as
+# the required information (PSK and other session data) is already locally
+# available.
+# 0 = disabled (default)
+# 1 = enabled
+#ft_psk_generate_local=0
+
##### Neighbor table ##########################################################
# Maximum number of entries kept in AP table (either for neigbor table or for
# detecting Overlapping Legacy BSS Condition). The oldest entry will be