hostapd: add support for setting sae_pwe

Make it possible to specify the SAE mechanism for PWE derivation. The following values are possible: 0 = hunting-and-pecking loop only 1 = hash-to-element only 2 = both hunting-and-pecking loop and hash-to-element enabled hostapd currently defaults to hunting-and-pecking loop only. Signed-off-by: Michael Yartys <michael.yartys@protonmail.com>
2021-06-02 19:48:43 +02:00 · 2021-06-02 19:48:43 +02:00 · b9b4aef4f2
commit b9b4aef4f2
parent bf4dbbb55e
1 changed files with 3 additions and 1 deletions
--- a/package/network/services/hostapd/files/hostapd.sh
+++ b/package/network/services/hostapd/files/hostapd.sh
@ -319,6 +319,7 @@ hostapd_common_add_bss_config() {
 	config_add_array supported_rates

 	config_add_boolean sae_require_mfp
+	config_add_int sae_pwe

 	config_add_string 'owe_transition_bssid:macaddr' 'owe_transition_ssid:string'

@ -520,7 +521,7 @@ hostapd_set_bss_options() {
 		macfilter ssid utf8_ssid wmm uapsd hidden short_preamble rsn_preauth \
 		iapp_interface eapol_version dynamic_vlan ieee80211w nasid \
 		acct_server acct_secret acct_port acct_interval \
-		bss_load_update_period chan_util_avg_period sae_require_mfp \
+		bss_load_update_period chan_util_avg_period sae_require_mfp sae_pwe \
 		multi_ap multi_ap_backhaul_ssid multi_ap_backhaul_key skip_inactivity_poll \
 		airtime_bss_weight airtime_bss_limit airtime_sta_weight \
 		multicast_to_unicast proxy_arp per_sta_vif \
@ -604,6 +605,7 @@ hostapd_set_bss_options() {
 		;;
 	esac
 	[ -n "$sae_require_mfp" ] && append bss_conf "sae_require_mfp=$sae_require_mfp" "$N"
+	[ -n "$sae_pwe" ] && append bss_conf "sae_pwe=$sae_pwe" "$N"

 	local vlan_possible=""