From: Avinash Patil <avinashapatil@gmail.com>
Date: Fri, 17 Aug 2012 16:21:40 +0000 (+0300)
Subject: hostapd: Disable WPS 2.0 when WPA-TKIP only configuration is set
X-Git-Tag: hostap_2_0~394
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d8a085508cedd7d9158b19219b59eef236020c67;p=thirdparty%2Fhostap.git

hostapd: Disable WPS 2.0 when WPA-TKIP only configuration is set

WSC 2.0 deprecates use of WPA (TKIP) and does not allow WPA/TKIP only
configuration (i.e., WPA2/CCMP needs to be enabled in mixed mode for
WPA/TKIP to be acceptable). Enforce this by disabling WPS if
configuration enables WPA/TKIP without WPA2/CCMP.

Signed-off-by: Avinash Patil <patila@marvell.com>
---

diff --git a/hostapd/config_file.c b/hostapd/config_file.c
index b8bf404ce..a45fd2907 100644
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -1216,6 +1216,14 @@ static int hostapd_config_check_bss(struct hostapd_bss_config *bss,
 			   "disabled");
 		bss->wps_state = 0;
 	}
+
+	if (bss->wps_state && bss->wpa &&
+	    (!(bss->wpa & 2) ||
+	     !(bss->rsn_pairwise & WPA_CIPHER_CCMP))) {
+		wpa_printf(MSG_INFO, "WPS: WPA/TKIP configuration without "
+			   "WPA2/CCMP forced WPS to be disabled");
+		bss->wps_state = 0;
+	}
 #endif /* CONFIG_WPS2 */
 
 	return 0;