From: Jouni Malinen <j@w1.fi>
Date: Sat, 20 Dec 2014 15:45:03 +0000 (+0200)
Subject: Fix wpa_key_mgmt and wpa_pairwise configuration for non-WPA
X-Git-Tag: hostap_2_4~729
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=13a3a20dfe83e542436a2c58669754a7ac0e8db4;p=thirdparty%2Fhostap.git

Fix wpa_key_mgmt and wpa_pairwise configuration for non-WPA

These hostapd configuration parameter was left at the default values
(WPA-PSK/TKIP) even for cases where WPA was disabled. While these
parameters are not really used much in non-WPA cases, they do get used
for one corner case in nl80211 configuration to disable encryption of
EAPOL frames in IEEE 802.1X WEP case.

Signed-off-by: Jouni Malinen <j@w1.fi>
---

diff --git a/src/ap/ap_config.c b/src/ap/ap_config.c
index a69d8bc8e..5bc468a08 100644
--- a/src/ap/ap_config.c
+++ b/src/ap/ap_config.c
@@ -890,12 +890,20 @@ void hostapd_set_security_params(struct hostapd_bss_config *bss,
 		int cipher = WPA_CIPHER_NONE;
 		bss->ssid.security_policy = SECURITY_IEEE_802_1X;
 		bss->ssid.wep.default_len = bss->default_wep_key_len;
-		if (bss->default_wep_key_len)
+		if (full_config && bss->default_wep_key_len) {
 			cipher = bss->default_wep_key_len >= 13 ?
 				WPA_CIPHER_WEP104 : WPA_CIPHER_WEP40;
+		} else if (full_config && bss->ssid.wep.keys_set) {
+			if (bss->ssid.wep.len[0] >= 13)
+				cipher = WPA_CIPHER_WEP104;
+			else
+				cipher = WPA_CIPHER_WEP40;
+		}
 		bss->wpa_group = cipher;
 		bss->wpa_pairwise = cipher;
 		bss->rsn_pairwise = cipher;
+		if (full_config)
+			bss->wpa_key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
 	} else if (bss->ssid.wep.keys_set) {
 		int cipher = WPA_CIPHER_WEP40;
 		if (bss->ssid.wep.len[0] >= 13)
@@ -904,6 +912,8 @@ void hostapd_set_security_params(struct hostapd_bss_config *bss,
 		bss->wpa_group = cipher;
 		bss->wpa_pairwise = cipher;
 		bss->rsn_pairwise = cipher;
+		if (full_config)
+			bss->wpa_key_mgmt = WPA_KEY_MGMT_NONE;
 	} else if (bss->osen) {
 		bss->ssid.security_policy = SECURITY_OSEN;
 		bss->wpa_group = WPA_CIPHER_CCMP;
@@ -914,5 +924,7 @@ void hostapd_set_security_params(struct hostapd_bss_config *bss,
 		bss->wpa_group = WPA_CIPHER_NONE;
 		bss->wpa_pairwise = WPA_CIPHER_NONE;
 		bss->rsn_pairwise = WPA_CIPHER_NONE;
+		if (full_config)
+			bss->wpa_key_mgmt = WPA_KEY_MGMT_NONE;
 	}
 }