diff --git a/src/core/config.c b/src/core/config.c index 44c9275c2662a26d19e24972fb82d4c4c572a800..9cb9705a65ad0dd26b0c285dd149da235c0510b3 100644 --- a/src/core/config.c +++ b/src/core/config.c @@ -655,12 +655,20 @@ bool uci_set_wireless_interface_option(char *package_name, } static bool get_encryption_value(uint16_t auth_type, uint16_t encryption_type, - char *encrypt_val, size_t elen) + char *encrypt_val, size_t elen, int *mfp) { if (!encrypt_val) return false; - if ((auth_type & WPS_AUTH_WPAPSK) && (auth_type & WPS_AUTH_WPA2PSK)) + *mfp = 0; + + if ((auth_type & WPS_AUTH_WPA2PSK) && (auth_type & WPS_AUTH_SAE)) { + strncat(encrypt_val, "sae-mixed", elen); + *mfp = 1; + } else if (auth_type & WPS_AUTH_SAE) { + strncat(encrypt_val, "sae", elen); + *mfp = 2; + } else if ((auth_type & WPS_AUTH_WPAPSK) && (auth_type & WPS_AUTH_WPA2PSK)) strncat(encrypt_val, "psk-mixed", elen); else if ((auth_type & WPS_AUTH_WPA) && (auth_type & WPS_AUTH_WPA2)) strncat(encrypt_val, "wpa-mixed", elen); @@ -880,6 +888,7 @@ int uci_apply_m2(struct agent_config *cfg, char *interface_name, char *device, char band_str[2] = {0}; char ipaddr_str[INET_ADDRSTRLEN] = {0}; char ssid[33] = {0}, network_key[65] = {0}, bridge_buf[16] = {0}, *bridge; + int mfp = 0; /* step past br- prefix if present*/ bridge = bridge_buf; @@ -925,7 +934,7 @@ int uci_apply_m2(struct agent_config *cfg, char *interface_name, char *device, // br_ip[1], br_ip[2], br_ip[3]); if (!get_encryption_value(out->auth_type, out->enc_type, - auth_type_str, 20)) { + auth_type_str, 20, &mfp)) { info("Unsupported encryption or cipher received!!\n"); return M2_PROCESS_ERROR; } @@ -1003,6 +1012,11 @@ int uci_apply_m2(struct agent_config *cfg, char *interface_name, char *device, interface_name, "ieee80211k", "1"); uci_set_wireless_interface_option(UCI_WIRELESS, UCI_WLAN_IFACE, "ifname", interface_name, "ieee80211v", "1"); + if (mfp > 0) { + uci_set_wireless_interface_option(UCI_WIRELESS, UCI_WLAN_IFACE, + "ifname", interface_name, + "ieee80211w", mfp == 1 ? "1" : "2"); + } uci_set_wireless_interface_option(UCI_WIRELESS, UCI_WLAN_IFACE, "ifname", interface_name, "start_disabled", "0"); dbg("|%s:%d| Enabled interface %s\n", __func__, __LINE__,