diff options
-rw-r--r-- | debian/changelog | 8 | ||||
-rw-r--r-- | debian/patches/series | 1 | ||||
-rw-r--r-- | debian/patches/upstream-fixes/0016-Override-ieee80211w-from-pmf-for-AP-mode-in-wpa_supp.patch | 36 | ||||
-rw-r--r-- | wpa_supplicant/ap.c | 6 |
4 files changed, 50 insertions, 1 deletions
diff --git a/debian/changelog b/debian/changelog index 9ad933d..4ed6bb7 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +wpa (2:2.10-19) unstable; urgency=medium + + [ Andrey Skvortsov ] + * Override ieee80211w from pmf for AP mode in wpa_supplicant + (Closes: #1057494) + + -- Andrej Shadura <andrewsh@debian.org> Sun, 10 Dec 2023 16:17:49 +0100 + wpa (2:2.10-18) unstable; urgency=medium * Use "command" when calling actual ifupdown and not its shell wrappers diff --git a/debian/patches/series b/debian/patches/series index d90e0d4..72576c4 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -13,3 +13,4 @@ wpa_service_netdev.patch upstream-fixes/0013-wnm-Choose-best-available-bss-not-just-first-one.patch upstream-fixes/0014-wpa_supplicant-Fix-wpa_supplicant-configuration-pars.patch upstream-fixes/0015-Abort-ongoing-scan.patch +upstream-fixes/0016-Override-ieee80211w-from-pmf-for-AP-mode-in-wpa_supp.patch
\ No newline at end of file diff --git a/debian/patches/upstream-fixes/0016-Override-ieee80211w-from-pmf-for-AP-mode-in-wpa_supp.patch b/debian/patches/upstream-fixes/0016-Override-ieee80211w-from-pmf-for-AP-mode-in-wpa_supp.patch new file mode 100644 index 0000000..2b432d6 --- /dev/null +++ b/debian/patches/upstream-fixes/0016-Override-ieee80211w-from-pmf-for-AP-mode-in-wpa_supp.patch @@ -0,0 +1,36 @@ +From 5f3cdc06489ff1ec16d75c3ff41f5ac7c2f62c7c Mon Sep 17 00:00:00 2001 +From: Chaoli Zhou <quic_zchaoli@quicinc.com> +Date: Thu, 8 Sep 2022 17:43:32 +0800 +Subject: [PATCH] Override ieee80211w from pmf for AP mode in wpa_supplicant + +Since NetworkManager doesn't support setting ieee80211w to +wpa_supplicant and only support pmf, so override ieee80211w from pmf for +AP mode if ieee80211w not configurated. Do not change behavior for the +P2P GO cases. + +Signed-off-by: Chaoli Zhou <quic_zchaoli@quicinc.com> +--- + wpa_supplicant/ap.c | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/wpa_supplicant/ap.c b/wpa_supplicant/ap.c +index 67f2d8ac1..653f15f54 100644 +--- a/wpa_supplicant/ap.c ++++ b/wpa_supplicant/ap.c +@@ -701,8 +701,12 @@ static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s, + bss->wpa_group_rekey = 86400; + } + +- if (ssid->ieee80211w != MGMT_FRAME_PROTECTION_DEFAULT) ++ if (ssid->ieee80211w != MGMT_FRAME_PROTECTION_DEFAULT) { + bss->ieee80211w = ssid->ieee80211w; ++ } else if (wpa_s->conf->pmf != MGMT_FRAME_PROTECTION_DEFAULT) { ++ if (ssid->mode == WPAS_MODE_AP) ++ bss->ieee80211w = wpa_s->conf->pmf; ++ } + + #ifdef CONFIG_OCV + bss->ocv = ssid->ocv; +-- +2.42.0 + diff --git a/wpa_supplicant/ap.c b/wpa_supplicant/ap.c index 6a0a69e..9d0f703 100644 --- a/wpa_supplicant/ap.c +++ b/wpa_supplicant/ap.c @@ -701,8 +701,12 @@ static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s, bss->wpa_group_rekey = 86400; } - if (ssid->ieee80211w != MGMT_FRAME_PROTECTION_DEFAULT) + if (ssid->ieee80211w != MGMT_FRAME_PROTECTION_DEFAULT) { bss->ieee80211w = ssid->ieee80211w; + } else if (wpa_s->conf->pmf != MGMT_FRAME_PROTECTION_DEFAULT) { + if (ssid->mode == WPAS_MODE_AP) + bss->ieee80211w = wpa_s->conf->pmf; + } #ifdef CONFIG_OCV bss->ocv = ssid->ocv; |