[OpenWrt-Devel] [PATCH] hostapd: enable PMKSA and OK caching for WPA3-Personal
David Bauer
mail at david-bauer.net
Tue Oct 29 18:42:03 EDT 2019
This enables PMKSA and opportunistic key caching by default for
WPA2/WPA3-Personal, WPA3-Personal and OWE auth types.
Otherwise, Apple devices won't connect to the WPA3 network.
This should not degrade security, as there's no external authentication
provider.
Tested with OCEDO Koala and iPhone 7 (iOS 13.1).
Signed-off-by: David Bauer <mail at david-bauer.net>
---
package/network/services/hostapd/files/hostapd.sh | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/package/network/services/hostapd/files/hostapd.sh b/package/network/services/hostapd/files/hostapd.sh
index 8da8539e8a..fdbce815df 100644
--- a/package/network/services/hostapd/files/hostapd.sh
+++ b/package/network/services/hostapd/files/hostapd.sh
@@ -540,7 +540,14 @@ hostapd_set_bss_options() {
append bss_conf "rsn_preauth=1" "$N"
append bss_conf "rsn_preauth_interfaces=$network_bridge" "$N"
else
- set_default auth_cache 0
+ case "$auth_type" in
+ sae|psk-sae|owe)
+ set_default auth_cache 1
+ ;;
+ *)
+ set_default auth_cache 0
+ ;;
+ esac
fi
append bss_conf "okc=$auth_cache" "$N"
--
2.23.0
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
More information about the openwrt-devel
mailing list