[PATCH] netifd: fix WPA3 enterprise ciphers
Joerg Werner
schreibubi at gmail.com
Sun Jun 26 08:21:33 PDT 2022
WPA3 enterprise requires wpa_cipher to be GCMP-256, so if the user set
encryption to wpa3 or wpa3-mixed, then add GCMP-256. Also allow explicit
selection of GCMP-256 by adding gcmp256 at the end of the encryption
value.
Signed-off-by: Joerg Werner <schreibubi at gmail.com>
---
scripts/netifd-wireless.sh | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/scripts/netifd-wireless.sh b/scripts/netifd-wireless.sh
index 0e3293c..435a707 100644
--- a/scripts/netifd-wireless.sh
+++ b/scripts/netifd-wireless.sh
@@ -221,6 +221,7 @@ wireless_vif_parse_encryption() {
*aes|*ccmp) wpa_cipher="CCMP";;
*tkip) wpa_cipher="TKIP";;
*gcmp) wpa_cipher="GCMP";;
+ *gcmp256) wpa_cipher="GCMP-256";;
esac
# 802.11n requires CCMP for WPA
@@ -246,7 +247,6 @@ wireless_vif_parse_encryption() {
wpa_cipher=
;;
esac
- wpa_pairwise="$wpa_cipher"
case "$encryption" in
owe*)
@@ -254,9 +254,11 @@ wireless_vif_parse_encryption() {
;;
wpa3-mixed*)
auth_type=eap-eap192
+ wpa_cipher="${wpa_cipher} GCMP-256"
;;
wpa3*)
auth_type=eap192
+ wpa_cipher="GCMP-256"
;;
psk3-mixed*|sae-mixed*)
auth_type=psk-sae
@@ -283,6 +285,7 @@ wireless_vif_parse_encryption() {
esac
;;
esac
+ wpa_pairwise="$wpa_cipher"
case "$encryption" in
*osen*)
--
2.36.1
More information about the openwrt-devel
mailing list