hak5
/
openwrt
mirror of https://github.com/hak5/openwrt.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

hostapd: enable PMKSA and OK caching for WPA3-Personal 

This enables PMKSA and opportunistic key caching by default for
WPA2/WPA3-Personal, WPA3-Personal and OWE auth types.
Otherwise, Apple devices won't connect to the WPA3 network.

This should not degrade security, as there's no external authentication
provider.

Tested with OCEDO Koala and iPhone 7 (iOS 13.1).

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 3034f8c3b8)
Signed-off-by: David Bauer <mail@david-bauer.net>
openwrt-19.07
David Bauer 2019-10-28 19:10:14 +01:00
parent 5d6308ecae
commit bee28adf6e
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
package/network/services/hostapd/files/hostapd.sh
View File

@ -540,7 +540,14 @@ hostapd_set_bss_options() {
append bss_conf "rsn_preauth=1" "$N"
append bss_conf "rsn_preauth_interfaces=$network_bridge" "$N"
else
set_default auth_cache 0
case "$auth_type" in
sae|psk-sae|owe)
set_default auth_cache 1
;;
*)
set_default auth_cache 0
;;
esac
fi
append bss_conf "okc=$auth_cache" "$N"