hostapd: disable ft_psk_generate_local for non-PSK networks
authorDavid Bauer <mail@david-bauer.net>
Sun, 5 Jan 2020 23:13:58 +0000 (00:13 +0100)
committerDavid Bauer <mail@david-bauer.net>
Thu, 9 Jan 2020 00:01:20 +0000 (01:01 +0100)
Without this commit, ft_psk_generate_local is enabled for non-PSK
networks by default. This breaks 802.11r for EAP networks.

Disable ft_psk_generate_local by default for non-PSK networks resolves
this misbehavior.

Reported-by: Martin Weinelt <martin@darmstadt.freifunk.net>
Signed-off-by: David Bauer <mail@david-bauer.net>
Tested-by: Martin Weinelt <martin@darmstadt.freifunk.net>
package/network/services/hostapd/files/hostapd.sh

index 4bf6a6c9712785f40d059445f80f19d4f2992f4b..3d4e57db25c0edee7de8fd7ba6a68957a7ec62ea 100644 (file)
@@ -510,10 +510,18 @@ hostapd_set_bss_options() {
                        json_get_vars mobility_domain ft_psk_generate_local ft_over_ds reassociation_deadline
                        
                        set_default mobility_domain "$(echo "$ssid" | md5sum | head -c 4)"
-                       set_default ft_psk_generate_local 1
                        set_default ft_over_ds 1
                        set_default reassociation_deadline 1000
 
+                       case "$auth_type" in
+                               psk|sae|psk-sae)
+                                       set_default ft_psk_generate_local 1
+                               ;;
+                               *)
+                                       set_default ft_psk_generate_local 0
+                               ;;
+                       esac
+
                        append bss_conf "mobility_domain=$mobility_domain" "$N"
                        append bss_conf "ft_psk_generate_local=$ft_psk_generate_local" "$N"
                        append bss_conf "ft_over_ds=$ft_over_ds" "$N"