mirror of https://github.com/hak5/openwrt-owl.git
hostapd: enable SHA256-based algorithms
Enable support for stronger SHA256-based algorithms in hostapd and wpa_supplicant when using WPA-EAP or WPA-PSK with 802.11w enabled. We cannot unconditionally enable it, as it requires hostapd to be compiled with 802.11w support, which is disabled in the -mini variants. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> Tested-by: Sebastian Kemper <sebastian_ml@gmx.net>owl
parent
30f14f6198
commit
388681fe53
|
@ -41,6 +41,7 @@ hostapd_append_wpa_key_mgmt() {
|
|||
|
||||
append wpa_key_mgmt "WPA-$auth_type"
|
||||
[ "$ieee80211r" -gt 0 ] && append wpa_key_mgmt "FT-${auth_type}"
|
||||
[ "$ieee80211w" -gt 0 ] && append wpa_key_mgmt "WPA-${auth_type}-SHA256"
|
||||
}
|
||||
|
||||
hostapd_add_log_config() {
|
||||
|
@ -194,7 +195,7 @@ hostapd_set_bss_options() {
|
|||
wps_device_type wps_device_name wps_manufacturer wps_pin \
|
||||
macfilter ssid wmm uapsd hidden short_preamble rsn_preauth \
|
||||
iapp_interface eapol_version acct_server acct_secret acct_port \
|
||||
dynamic_vlan
|
||||
dynamic_vlan ieee80211w
|
||||
|
||||
set_default isolate 0
|
||||
set_default maxassoc 0
|
||||
|
@ -400,7 +401,6 @@ hostapd_set_bss_options() {
|
|||
[ "$auth_cache" = 0 ] && append bss_conf "disable_pmksa_caching=1" "$N"
|
||||
|
||||
# RSN -> allow management frame protection
|
||||
json_get_var ieee80211w ieee80211w
|
||||
case "$ieee80211w" in
|
||||
[012])
|
||||
json_get_vars ieee80211w_max_timeout ieee80211w_retry_timeout
|
||||
|
|
Loading…
Reference in New Issue