hostapd: Disable WPS 2.0 when WPA-TKIP only configuration is set

WSC 2.0 deprecates use of WPA (TKIP) and does not allow WPA/TKIP only
configuration (i.e., WPA2/CCMP needs to be enabled in mixed mode for
WPA/TKIP to be acceptable). Enforce this by disabling WPS if
configuration enables WPA/TKIP without WPA2/CCMP.

Signed-off-by: Avinash Patil <patila@marvell.com>

diff --git a/hostapd/config_file.c b/hostapd/config_file.c
index b8bf404ce9e1030885b56115c775bfef2166a70b..a45fd2907440a88f2bc217b221617b74b0b6029e 100644 (file)
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -1216,6 +1216,14 @@ static int hostapd_config_check_bss(struct hostapd_bss_config *bss,
                           "disabled");
                bss->wps_state = 0;
        }
+
+       if (bss->wps_state && bss->wpa &&
+           (!(bss->wpa & 2) ||
+            !(bss->rsn_pairwise & WPA_CIPHER_CCMP))) {
+               wpa_printf(MSG_INFO, "WPS: WPA/TKIP configuration without "
+                          "WPA2/CCMP forced WPS to be disabled");
+               bss->wps_state = 0;
+       }
 #endif /* CONFIG_WPS2 */
 
        return 0;