]> git.ipfire.org Git - thirdparty/hostap.git/commit - wpa_supplicant/config_file.c
projects / thirdparty / hostap.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 440e9f0) | patch
Do not remove CCMP group cipher if any CCMP/GCMP cipher is enabled
authorJouni Malinen <jouni@codeaurora.org>
Mon, 23 Apr 2018 10:40:39 +0000 (13:40 +0300)
committerJouni Malinen <j@w1.fi>
Mon, 23 Apr 2018 21:35:43 +0000 (00:35 +0300)
commit72b6e5d1e2dec31f775bd7a71effb4d63a8fa96f
tree0614c274f05637c10f64d62e60911e93a80ae3b6tree | snapshot
parent440e9f0bbe37720a42ac8a9ae40ae66234ac841ccommit | diff
Do not remove CCMP group cipher if any CCMP/GCMP cipher is enabled

CCMP group cipher was removed if CCMP was not allowed as a pairwise
cipher when loading a configuration file (but not actually when changing
configuration during runtime). This is needed to avoid issues with
configurations that use the default group cipher (TKIP CCMP) while
modifying pairwise cipher from the default CCMP TKIP) to TKIP. However,
there is not really a need to remove the CCMP group cipher if any GCMP
or CCMP cipher is enabled as a pairwise cipher.

Change the network profile validation routine to not remove CCMP as
group cipher if CCMP-256, GCMP, or GCMP-256 is enabled as a pairwise
cipher even if CCMP is not.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
wpa_supplicant/config_file.c diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.