aboutsummaryrefslogtreecommitdiffstats
path: root/wpa_supplicant/config_file.c
diff options
context:
space:
mode:
authorJouni Malinen <jouni@qca.qualcomm.com>2017-09-26 14:36:33 (GMT)
committerJouni Malinen <j@w1.fi>2017-09-26 14:40:02 (GMT)
commit61a56c14800922328e4dc29bf4b70ff0ea51c7d3 (patch)
tree98dd00e2af91340065dcdf9c0765e5d45d22e48f /wpa_supplicant/config_file.c
parent0ad5893a2f1f521d44712cd395e067ccf0a397c3 (diff)
downloadhostap-61a56c14800922328e4dc29bf4b70ff0ea51c7d3.zip
hostap-61a56c14800922328e4dc29bf4b70ff0ea51c7d3.tar.gz
hostap-61a56c14800922328e4dc29bf4b70ff0ea51c7d3.tar.bz2
Add group_mgmt network parameter for PMF cipher selection
The new wpa_supplicant network parameter group_mgmt can be used to specify which group management ciphers (AES-128-CMAC, BIP-GMAC-128, BIP-GMAC-256, BIP-CMAC-256) are allowed for the network. If not specified, the current behavior is maintained (i.e., follow what the AP advertises). The parameter can list multiple space separate ciphers. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Diffstat (limited to 'wpa_supplicant/config_file.c')
-rw-r--r--wpa_supplicant/config_file.c17
1 files changed, 17 insertions, 0 deletions
diff --git a/wpa_supplicant/config_file.c b/wpa_supplicant/config_file.c
index 5ccd003..ab11af9 100644
--- a/wpa_supplicant/config_file.c
+++ b/wpa_supplicant/config_file.c
@@ -593,6 +593,22 @@ static void write_group(FILE *f, struct wpa_ssid *ssid)
}
+static void write_group_mgmt(FILE *f, struct wpa_ssid *ssid)
+{
+ char *value;
+
+ if (!ssid->group_mgmt_cipher)
+ return;
+
+ value = wpa_config_get(ssid, "group_mgmt");
+ if (!value)
+ return;
+ if (value[0])
+ fprintf(f, "\tgroup_mgmt=%s\n", value);
+ os_free(value);
+}
+
+
static void write_auth_alg(FILE *f, struct wpa_ssid *ssid)
{
char *value;
@@ -734,6 +750,7 @@ static void wpa_config_write_network(FILE *f, struct wpa_ssid *ssid)
INT_DEF(bg_scan_period, DEFAULT_BG_SCAN_PERIOD);
write_pairwise(f, ssid);
write_group(f, ssid);
+ write_group_mgmt(f, ssid);
write_auth_alg(f, ssid);
STR(bgscan);
STR(autoscan);