aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorJouni Malinen <jouni@qca.qualcomm.com>2017-07-03 10:42:55 (GMT)
committerJouni Malinen <j@w1.fi>2017-07-03 10:42:55 (GMT)
commit90f837b0bfb26f9c26111fef39199190b9f820f2 (patch)
tree3c85cf0ce642ecc23394e71e1b06e404a9276c1f /src
parent787615b38161ae7947314cc4b9e1905853d151e2 (diff)
downloadhostap-90f837b0bfb26f9c26111fef39199190b9f820f2.zip
hostap-90f837b0bfb26f9c26111fef39199190b9f820f2.tar.gz
hostap-90f837b0bfb26f9c26111fef39199190b9f820f2.tar.bz2
Update default wpa_group_rekey to once-per-day when using CCMP/GCMP
The default value for GTK rekeying period was previously hardcoded to 600 seconds for all cases. Leave that short value only for TKIP as group cipher while moving to the IEEE 802.11 default value of 86400 seconds (once-per-day) for CCMP/GCMP. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Diffstat (limited to 'src')
-rw-r--r--src/ap/ap_config.c3
-rw-r--r--src/ap/ap_config.h1
2 files changed, 4 insertions, 0 deletions
diff --git a/src/ap/ap_config.c b/src/ap/ap_config.c
index f96d742..07a13f8 100644
--- a/src/ap/ap_config.c
+++ b/src/ap/ap_config.c
@@ -1036,6 +1036,9 @@ void hostapd_set_security_params(struct hostapd_bss_config *bss,
bss->rsn_pairwise = bss->wpa_pairwise;
bss->wpa_group = wpa_select_ap_group_cipher(bss->wpa, bss->wpa_pairwise,
bss->rsn_pairwise);
+ if (!bss->wpa_group_rekey_set)
+ bss->wpa_group_rekey = bss->wpa_group == WPA_CIPHER_TKIP ?
+ 600 : 86400;
if (full_config) {
bss->radius->auth_server = bss->radius->auth_servers;
diff --git a/src/ap/ap_config.h b/src/ap/ap_config.h
index fa2ae49..14fa230 100644
--- a/src/ap/ap_config.h
+++ b/src/ap/ap_config.h
@@ -327,6 +327,7 @@ struct hostapd_bss_config {
int wpa_pairwise;
int wpa_group;
int wpa_group_rekey;
+ int wpa_group_rekey_set;
int wpa_strict_rekey;
int wpa_gmk_rekey;
int wpa_ptk_rekey;