Simplifies testing. All other items are seconds as well. Signed-off-by: Michael Braun <michael-dev@xxxxxxxxxxxxx> --- hostapd/config_file.c | 2 ++ hostapd/hostapd.conf | 6 +++--- src/ap/ap_config.c | 2 +- src/ap/wpa_auth.c | 2 +- src/ap/wpa_auth_ft.c | 4 ++-- 5 files changed, 9 insertions(+), 7 deletions(-) diff --git a/hostapd/config_file.c b/hostapd/config_file.c index 0d6388e..9e706ac 100644 --- a/hostapd/config_file.c +++ b/hostapd/config_file.c @@ -2549,6 +2549,8 @@ static int hostapd_config_fill(struct hostapd_config *conf, return 1; } } else if (os_strcmp(buf, "r0_key_lifetime") == 0) { + bss->r0_key_lifetime = atoi(pos) * 60; + } else if (os_strcmp(buf, "ft_r0_key_lifetime") == 0) { bss->r0_key_lifetime = atoi(pos); } else if (os_strcmp(buf, "r1_max_key_lifetime") == 0) { bss->r1_max_key_lifetime = atoi(pos); diff --git a/hostapd/hostapd.conf b/hostapd/hostapd.conf index e0147be..1617200 100644 --- a/hostapd/hostapd.conf +++ b/hostapd/hostapd.conf @@ -1298,10 +1298,10 @@ own_ip_addr=127.0.0.1 # 1 to 48 octet identifier. # This is configured with nas_identifier (see RADIUS client section above). -# Default lifetime of the PMK-RO in minutes; range 1..65535 -# (default: 60 minutes; 0 = disable timeout) +# Default lifetime of the PMK-RO in seconds; range 60..4294967295 +# (default: 14 days / 1209600 seconds; 0 = disable timeout) # (dot11FTR0KeyLifetime) -#r0_key_lifetime=10000 +#ft_r0_key_lifetime=10000 # maximum lifetime for PMK-R1; applied only if != 0 # PMK-R1 is removed at least after this limit. diff --git a/src/ap/ap_config.c b/src/ap/ap_config.c index 6363da6..63d56f5 100644 --- a/src/ap/ap_config.c +++ b/src/ap/ap_config.c @@ -94,7 +94,7 @@ void hostapd_config_defaults_bss(struct hostapd_bss_config *bss) bss->rkh_neg_timeout = 60; bss->rkh_pull_timeout = 1000; bss->rkh_pull_retries = 4; - bss->r0_key_lifetime = 60; /* same as eap_reauth_period */ + bss->r0_key_lifetime = 1209600; #endif /* CONFIG_IEEE80211R */ bss->radius_das_time_window = 300; diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c index 9101665..e757aa3 100644 --- a/src/ap/wpa_auth.c +++ b/src/ap/wpa_auth.c @@ -2363,7 +2363,7 @@ SM_STATE(WPA_PTK, PTKINITNEGOTIATING) *pos++ = WLAN_EID_TIMEOUT_INTERVAL; *pos++ = 5; *pos++ = WLAN_TIMEOUT_KEY_LIFETIME; - WPA_PUT_LE32(pos, conf->r0_key_lifetime * 60); + WPA_PUT_LE32(pos, conf->r0_key_lifetime); pos += 4; } #endif /* CONFIG_IEEE80211R */ diff --git a/src/ap/wpa_auth_ft.c b/src/ap/wpa_auth_ft.c index 860de1e..409cbc6 100644 --- a/src/ap/wpa_auth_ft.c +++ b/src/ap/wpa_auth_ft.c @@ -1233,7 +1233,7 @@ int wpa_auth_derive_ptk_ft(struct wpa_state_machine *sm, const u8 *pmk, const u8 *ssid = sm->wpa_auth->conf.ssid; size_t ssid_len = sm->wpa_auth->conf.ssid_len; int psk_local = sm->wpa_auth->conf.ft_psk_generate_local; - int expires_in = sm->wpa_auth->conf.r0_key_lifetime * 60; + int expires_in = sm->wpa_auth->conf.r0_key_lifetime; struct vlan_description vlan; const u8 *identity, *radius_cui; int identity_len, radius_cui_len; @@ -2643,7 +2643,7 @@ static int wpa_ft_rrb_rx_r1(struct wpa_authenticator *wpa_auth, int pairwise; int ret = -1; int expires_in; - int max_expires_in = wpa_auth->conf.r0_key_lifetime * 60; + int max_expires_in = wpa_auth->conf.r0_key_lifetime; int session_timeout; struct vlan_description vlan; char buf[256]; -- 2.1.4 _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap