git.ipfire.org Git - thirdparty/hostap.git/commit

author	Michael Braun <michael-dev@fami-braun.de>
	Sat, 24 Sep 2016 20:53:42 +0000 (22:53 +0200)
committer	Jouni Malinen <j@w1.fi>
	Sun, 9 Oct 2016 08:57:56 +0000 (11:57 +0300)
commit	96590564d658cf344778e9c84bcd58d39764e11d
tree	05a794a163890314b0bf11fa492cf025deeb5697	tree \| snapshot
parent	a25e4efc9e428d968e83398bd8c9c94698ba5851	commit \| diff

FT: Allow PMK-R0 and PMK-R1 for FT-PSK to be generated locally

Station should be able to connect initially without ft_pmk_cache filled,
so the target AP has the PSK available and thus the same information as
the origin AP. Therefore neither caching nor communication between the
APs with respect to PMK-R0 or PMK-R1 or VLANs is required if the target
AP derives the required PMKs locally.

This patch introduces the generation of the required PMKs locally for
FT-PSK. Additionally, PMK-R0 is not stored (and thus pushed) for FT-PSK.

So for FT-PSK networks, no configuration of inter-AP communication is
needed anymore when using ft_psk_generate_local=1 configuration. The
default behavior (ft_psk_generate_local=0) remains to use the pull/push
protocol.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>

hostapd/config_file.c		diff \| blob \| blame \| history
hostapd/hostapd.conf		diff \| blob \| blame \| history
src/ap/ap_config.h		diff \| blob \| blame \| history
src/ap/wpa_auth.h		diff \| blob \| blame \| history
src/ap/wpa_auth_ft.c		diff \| blob \| blame \| history
src/ap/wpa_auth_glue.c		diff \| blob \| blame \| history
src/common/defs.h		diff \| blob \| blame \| history
src/common/wpa_common.c		diff \| blob \| blame \| history
src/common/wpa_common.h		diff \| blob \| blame \| history