[RFC PATCH 1/2] hostapd: split auth_cache into individual components

Michael Yartys michael.yartys at gmail.com
Tue Jul 14 08:32:33 EDT 2020


Split auth_cache into pmksa_cache (PMKSA caching) and
okc (Opportunistic Key Caching) to enable setting these options
individually.

Signed-off-by: Michael Yartys <michael.yartys at gmail.com>
---
 .../network/services/hostapd/files/hostapd.sh   | 17 ++++++++++-------
 1 file changed, 10 insertions(+), 7 deletions(-)

diff --git a/package/network/services/hostapd/files/hostapd.sh b/package/network/services/hostapd/files/hostapd.sh
index f4e2aa559c..644bad2a62 100644
--- a/package/network/services/hostapd/files/hostapd.sh
+++ b/package/network/services/hostapd/files/hostapd.sh
@@ -191,7 +191,7 @@ hostapd_common_add_bss_config() {
 
 	config_add_boolean tdls_prohibit
 
-	config_add_boolean rsn_preauth auth_cache
+	config_add_boolean rsn_preauth pmksa_cache okc
 	config_add_int ieee80211w
 	config_add_int eapol_version
 
@@ -308,7 +308,7 @@ hostapd_set_bss_options() {
 	json_get_vars \
 		wep_rekey wpa_group_rekey wpa_pair_rekey wpa_master_rekey wpa_strict_rekey \
 		wpa_disable_eapol_key_retries tdls_prohibit \
-		maxassoc max_inactivity disassoc_low_ack isolate auth_cache \
+		maxassoc max_inactivity disassoc_low_ack isolate pmksa_cache okc \
 		wps_pushbutton wps_label ext_registrar wps_pbc_in_m1 wps_ap_setup_locked \
 		wps_independent wps_device_type wps_device_name wps_manufacturer wps_pin \
 		macfilter ssid utf8_ssid wmm uapsd hidden short_preamble rsn_preauth \
@@ -609,22 +609,25 @@ hostapd_set_bss_options() {
 
 	if [ "$wpa" -ge "2" ]; then
 		if [ -n "$network_bridge" -a "$rsn_preauth" = 1 ]; then
-			set_default auth_cache 1
+			set_default pmksa_cache 1
+			set_default okc 1
 			append bss_conf "rsn_preauth=1" "$N"
 			append bss_conf "rsn_preauth_interfaces=$network_bridge" "$N"
 		else
 			case "$auth_type" in
 			sae|psk-sae|owe)
-				set_default auth_cache 1
+				set_default pmksa_cache 1
+				set_default okc 1
 			;;
 			*)
-				set_default auth_cache 0
+				set_default pmksa_cache 0
+				set_default okc 0
 			;;
 			esac
 		fi
 
-		append bss_conf "okc=$auth_cache" "$N"
-		[ "$auth_cache" = 0 ] && append bss_conf "disable_pmksa_caching=1" "$N"
+		append bss_conf "okc=$okc" "$N"
+		[ "$pmksa_cache" = 0 ] && append bss_conf "disable_pmksa_caching=1" "$N"
 
 		# RSN -> allow management frame protection
 		case "$ieee80211w" in
-- 
2.26.2




More information about the openwrt-devel mailing list