aboutsummaryrefslogtreecommitdiffstats
path: root/wpa_supplicant/config.c
diff options
context:
space:
mode:
authorJouni Malinen <jouni@qca.qualcomm.com>2017-09-26 14:36:33 (GMT)
committerJouni Malinen <j@w1.fi>2017-09-26 14:40:02 (GMT)
commit61a56c14800922328e4dc29bf4b70ff0ea51c7d3 (patch)
tree98dd00e2af91340065dcdf9c0765e5d45d22e48f /wpa_supplicant/config.c
parent0ad5893a2f1f521d44712cd395e067ccf0a397c3 (diff)
downloadhostap-61a56c14800922328e4dc29bf4b70ff0ea51c7d3.zip
hostap-61a56c14800922328e4dc29bf4b70ff0ea51c7d3.tar.gz
hostap-61a56c14800922328e4dc29bf4b70ff0ea51c7d3.tar.bz2
Add group_mgmt network parameter for PMF cipher selection
The new wpa_supplicant network parameter group_mgmt can be used to specify which group management ciphers (AES-128-CMAC, BIP-GMAC-128, BIP-GMAC-256, BIP-CMAC-256) are allowed for the network. If not specified, the current behavior is maintained (i.e., follow what the AP advertises). The parameter can list multiple space separate ciphers. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Diffstat (limited to 'wpa_supplicant/config.c')
-rw-r--r--wpa_supplicant/config.c35
1 files changed, 35 insertions, 0 deletions
diff --git a/wpa_supplicant/config.c b/wpa_supplicant/config.c
index 7e6022d..0ea34e0 100644
--- a/wpa_supplicant/config.c
+++ b/wpa_supplicant/config.c
@@ -1148,6 +1148,40 @@ static char * wpa_config_write_group(const struct parse_data *data,
#endif /* NO_CONFIG_WRITE */
+static int wpa_config_parse_group_mgmt(const struct parse_data *data,
+ struct wpa_ssid *ssid, int line,
+ const char *value)
+{
+ int val;
+
+ val = wpa_config_parse_cipher(line, value);
+ if (val == -1)
+ return -1;
+
+ if (val & ~WPA_ALLOWED_GROUP_MGMT_CIPHERS) {
+ wpa_printf(MSG_ERROR,
+ "Line %d: not allowed group management cipher (0x%x).",
+ line, val);
+ return -1;
+ }
+
+ if (ssid->group_mgmt_cipher == val)
+ return 1;
+ wpa_printf(MSG_MSGDUMP, "group_mgmt: 0x%x", val);
+ ssid->group_mgmt_cipher = val;
+ return 0;
+}
+
+
+#ifndef NO_CONFIG_WRITE
+static char * wpa_config_write_group_mgmt(const struct parse_data *data,
+ struct wpa_ssid *ssid)
+{
+ return wpa_config_write_cipher(ssid->group_mgmt_cipher);
+}
+#endif /* NO_CONFIG_WRITE */
+
+
static int wpa_config_parse_auth_alg(const struct parse_data *data,
struct wpa_ssid *ssid, int line,
const char *value)
@@ -2086,6 +2120,7 @@ static const struct parse_data ssid_fields[] = {
{ INT(bg_scan_period) },
{ FUNC(pairwise) },
{ FUNC(group) },
+ { FUNC(group_mgmt) },
{ FUNC(auth_alg) },
{ FUNC(scan_freq) },
{ FUNC(freq_list) },