hostapd: enforce CCMP WPA cipher if hwmode is 11ng or 11na
authorJo-Philipp Wich <jow@openwrt.org>
Wed, 30 Jun 2010 21:24:30 +0000 (21:24 +0000)
committerJo-Philipp Wich <jow@openwrt.org>
Wed, 30 Jun 2010 21:24:30 +0000 (21:24 +0000)
SVN-Revision: 22000

package/hostapd/files/hostapd.sh

index 9edb0708148e18ab36626288deb735c42615f12a..fdb047be6a76518f058fc014a8d4d6ce4e229585 100644 (file)
@@ -7,6 +7,9 @@ hostapd_set_bss_options() {
        config_get wpa_group_rekey "$vif" wpa_group_rekey
        config_get_bool ap_isolate "$vif" isolate 0
 
+       config_get device "$vif" device
+       config_get hwmode "$device" hwmode
+
        if [ "$ap_isolate" -gt 0 ]; then
                append "$var" "ap_isolate=$ap_isolate" "$N"
        fi
@@ -43,6 +46,11 @@ hostapd_set_bss_options() {
                *tkip) crypto="TKIP";;
        esac
 
+       # enforce CCMP for 11ng and 11na
+       case "$hwmode" in
+               *ng|*na) crypto="CCMP";;
+       esac
+
        # use crypto/auth settings for building the hostapd config
        case "$enc" in
                *psk*)