[PATCH] Disable HE capabilites when using wrong config

Shay Bar <shay.bar@xxxxxxxxxx> · Wed, 27 Jan 2021 18:01:17 +0200

Add 11ax configuration check similar to HT/VHT.

Signed-off-by: Shay Bar <shay.bar@xxxxxxxxxx>
---
 src/ap/ap_config.c | 31 +++++++++++++++++++++++++++++--
 1 file changed, 29 insertions(+), 2 deletions(-)

diff --git a/src/ap/ap_config.c b/src/ap/ap_config.c
index 84d13512b..7f0bbd267 100644
--- a/src/ap/ap_config.c
+++ b/src/ap/ap_config.c
@@ -1264,7 +1264,8 @@ static int hostapd_config_check_bss(struct hostapd_bss_config *bss,
 	    bss->ssid.security_policy == SECURITY_STATIC_WEP) {
 		bss->disable_11ac = true;
 		wpa_printf(MSG_ERROR,
-			   "VHT (IEEE 802.11ac) with WEP is not allowed, disabling VHT capabilities");
+			   "VHT (IEEE 802.11ac) with WEP is not allowed, "
+			   "disabling VHT capabilities");
 	}
 #endif /* CONFIG_WEP */
 
@@ -1275,10 +1276,36 @@ static int hostapd_config_check_bss(struct hostapd_bss_config *bss,
 	{
 		bss->disable_11ac = true;
 		wpa_printf(MSG_ERROR,
-			   "VHT (IEEE 802.11ac) with WPA/WPA2 requires CCMP/GCMP to be enabled, disabling VHT capabilities");
+			   "VHT (IEEE 802.11ac) with WPA/WPA2 requires "
+			   "CCMP/GCMP to be enabled, "
+			   "disabling VHT capabilities");
 	}
 #endif /* CONFIG_IEEE80211AC */
 
+#ifdef CONFIG_IEEE80211AX
+#ifdef CONFIG_WEP
+	if (full_config && conf->ieee80211ax &&
+	    bss->ssid.security_policy == SECURITY_STATIC_WEP) {
+		bss->disable_11ax = true;
+		wpa_printf(MSG_ERROR,
+			   "HE (IEEE 802.11ax) with WEP is not allowed, "
+			   "disabling HE capabilities");
+	}
+#endif /* CONFIG_WEP */
+
+	if (full_config && conf->ieee80211ax && bss->wpa &&
+	    !(bss->wpa_pairwise & WPA_CIPHER_CCMP) &&
+	    !(bss->rsn_pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP |
+				   WPA_CIPHER_CCMP_256 | WPA_CIPHER_GCMP_256)))
+	{
+		bss->disable_11ax = true;
+		wpa_printf(MSG_ERROR,
+			   "HE (IEEE 802.11ax) with WPA/WPA2 requires "
+			   "CCMP/GCMP to be enabled, "
+			   "disabling HE capabilities");
+	}
+#endif /* CONFIG_IEEE80211AX */
+
 #ifdef CONFIG_WPS
 	if (full_config && bss->wps_state && bss->ignore_broadcast_ssid) {
 		wpa_printf(MSG_INFO, "WPS: ignore_broadcast_ssid "
-- 
2.17.1


_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap






