aboutsummaryrefslogtreecommitdiffstats
path: root/wpa_supplicant/mesh.c
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2016-06-18 19:21:33 (GMT)
committerJouni Malinen <j@w1.fi>2016-06-19 17:18:09 (GMT)
commita151b0e37dd2e16736a01641fe9dd6c6b0fe2fe6 (patch)
tree461750fa9896f3139052aa310d5eb0bf6c1db43e /wpa_supplicant/mesh.c
parent3b6deac0e7d5e84527bcae49890c6775527f590c (diff)
downloadhostap-a151b0e37dd2e16736a01641fe9dd6c6b0fe2fe6.zip
hostap-a151b0e37dd2e16736a01641fe9dd6c6b0fe2fe6.tar.gz
hostap-a151b0e37dd2e16736a01641fe9dd6c6b0fe2fe6.tar.bz2
mesh: Select pairwise and group cipher based on network profile
This allows the previously hardcoded CCMP cipher to be replaced in the network profile for mesh. Signed-off-by: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'wpa_supplicant/mesh.c')
-rw-r--r--wpa_supplicant/mesh.c21
1 files changed, 19 insertions, 2 deletions
diff --git a/wpa_supplicant/mesh.c b/wpa_supplicant/mesh.c
index c5f089e..bf9beb2 100644
--- a/wpa_supplicant/mesh.c
+++ b/wpa_supplicant/mesh.c
@@ -70,6 +70,7 @@ static struct mesh_conf * mesh_config_create(struct wpa_supplicant *wpa_s,
struct wpa_ssid *ssid)
{
struct mesh_conf *conf;
+ int cipher;
conf = os_zalloc(sizeof(struct mesh_conf));
if (!conf)
@@ -90,8 +91,24 @@ static struct mesh_conf * mesh_config_create(struct wpa_supplicant *wpa_s,
else
conf->ieee80211w = NO_MGMT_FRAME_PROTECTION;
}
- conf->pairwise_cipher = WPA_CIPHER_CCMP;
- conf->group_cipher = WPA_CIPHER_CCMP;
+
+ cipher = wpa_pick_pairwise_cipher(ssid->pairwise_cipher, 0);
+ if (cipher < 0 || cipher == WPA_CIPHER_TKIP) {
+ wpa_msg(wpa_s, MSG_INFO, "mesh: Invalid pairwise cipher");
+ os_free(conf);
+ return NULL;
+ }
+ conf->pairwise_cipher = cipher;
+
+ cipher = wpa_pick_group_cipher(ssid->group_cipher);
+ if (cipher < 0 || cipher == WPA_CIPHER_TKIP ||
+ cipher == WPA_CIPHER_GTK_NOT_USED) {
+ wpa_msg(wpa_s, MSG_INFO, "mesh: Invalid group cipher");
+ os_free(conf);
+ return NULL;
+ }
+
+ conf->group_cipher = cipher;
if (conf->ieee80211w != NO_MGMT_FRAME_PROTECTION)
conf->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;