On 10/18/2017 1:13 PM, Johannes Berg wrote: .... >> hostapd uses change_beacon to change the security of the AP so this >> needs to be supported. > > I didn't think this made sense - Jouni? Does hostapd kick off all > stations in this case? > >> We do need to restart the AP in this case which will >> disconnect existing clients, but this cannot be helped... > > Why not restart the AP entirely then from userspace? Hmm. I wonder what > would happen with mac80211 - I guess keys would have to removed etc? > Does this just work by accident because mac80211 removes the keys with > stations? What about GTK(s) though? > Not sure what happens when the privacy stays the same (secure) but keys change, maybe Jouni can comment. >> As a side note, hostapd can also use change_beacon to change the >> SSID. > > When does that happen? By chance I worked on a WPS certification test last week which used a shell script to perform various operations. The AP started secure but the script could change its configuration to unsecure. It used the wps_config CLI command to change both the security and SSID and hostapd used change_beacon to perform this operation. We got this script from WIFI team so there is good chance it is in use by existing certification test beds.
