diff options
author | Joerg Werner <schreibubi@gmail.com> | 2022-08-15 14:10:22 +0200 |
---|---|---|
committer | Hauke Mehrtens <hauke@hauke-m.de> | 2022-08-20 17:56:51 +0200 |
commit | bfa039c414bc6613cc5361aaf5fa6baf5fa0264b (patch) | |
tree | baf113981559c80ee2279724d6bcd95c261563ef | |
parent | 87fbefd95043c24ccd3d5639a90721a5ed0b8267 (diff) | |
download | netifd-bfa039c414bc6613cc5361aaf5fa6baf5fa0264b.tar.gz |
netifd: fix WPA3 enterprise ciphers
WPA3 enterprise requires wpa_cipher to be GCMP-256 for good client/device
support, so if the user sets encryption to wpa3 or wpa3-mixed, then add
GCMP-256. Also allow explicit selection of GCMP-256/CCMP-256 ciphers by
adding gcmp256/ccmp256 at the end of the encryption value.
Signed-off-by: Joerg Werner <schreibubi@gmail.com>
-rw-r--r-- | scripts/netifd-wireless.sh | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/scripts/netifd-wireless.sh b/scripts/netifd-wireless.sh index 0e3293c..5779751 100644 --- a/scripts/netifd-wireless.sh +++ b/scripts/netifd-wireless.sh @@ -216,10 +216,19 @@ wireless_vif_parse_encryption() { wpa_cipher="CCMP" fi + # WPA3 enterprise requires the GCMP-256 cipher (technically also CCMP and GCMP are possible + # but many clients/devices do not support that) + case "$encryption" in + wpa3-mixed*) wpa_cipher="${wpa_cipher} GCMP-256";; + wpa3*) wpa_cipher="GCMP-256";; + esac + case "$encryption" in *tkip+aes|*tkip+ccmp|*aes+tkip|*ccmp+tkip) wpa_cipher="CCMP TKIP";; + *ccmp256) wpa_cipher="CCMP-256";; *aes|*ccmp) wpa_cipher="CCMP";; *tkip) wpa_cipher="TKIP";; + *gcmp256) wpa_cipher="GCMP-256";; *gcmp) wpa_cipher="GCMP";; esac |