[OpenWrt-Devel] [PATCH v2 2/2] wpa_supplicant: enforce cipher in client mode

Tue Mar 8 06:17:11 EST 2016

Previously, explicitely setting the cipher used for WPA/RSN in UCI
didn't end-up in the settings passed-over to wpa_supplicant.
As wpa_cipher is now being derived for that purpose, use it to set
both group and pairwise in wpa_supplicant's config.

Signed-off-by: Daniel Golle <daniel at makrotopia.org>
---
 package/network/services/hostapd/files/netifd.sh | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/package/network/services/hostapd/files/netifd.sh b/package/network/services/hostapd/files/netifd.sh
index ad96b8b..507e0b7 100644
--- a/package/network/services/hostapd/files/netifd.sh
+++ b/package/network/services/hostapd/files/netifd.sh
@@ -675,6 +675,11 @@ wpa_supplicant_add_network() {
 			;;
 		esac
 
+		if [ -n "$wpa_cipher" ]; then
+			append network_data "pairwise=$wpa_cipher" "$N$T"
+			append network_data "group=$wpa_cipher" "$N$T"
+		fi
+
 		case "$ieee80211w" in
 			[012])
 				[ "$wpa" -ge 2 ] && append network_data "ieee80211w=$ieee80211w" "$N$T"
-- 
2.7.2
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
