On Sun, Jan 14, 2018 at 09:33:50AM +0900, Masashi Honma wrote:
Previouslly, the value of ieee80211w and key_mgmt field in wpa_supplicant.conf was defined by the value of pmf. NM_SETTING_WIRELESS_SECURITY_PMF_DISABLE ieee80211w=0 key_mgmt=wpa-eap NM_SETTING_WIRELESS_SECURITY_PMF_OPTIONAL ieee80211w=1 key_mgmt=wpa-eap wpa-eap-sha256 NM_SETTING_WIRELESS_SECURITY_PMF_REQUIRED ieee80211w=2 key_mgmt=wpa-eap-sha256 Though these works, these does not include whole combinations. The key_mgmt could be set independent of ieee80211w value. For example, management frame protection could be used with wpa-eap. ieee80211w=2 key_mgmt=wpa-eap And wpa-eap-sha256 could be used without management frame protection. ieee80211w=0 key_mgmt=wpa-eap-sha256 So this patch uses always key_mgmt=wpa-psk wpa-psk-sha256 or key_mgmt=wpa-eap wpa-eap-sha256. By this setting, when AP supports both, stronger algorithm will be chosen (ex. when AP supports both wpa-eap and wpa-eap-sha256, wpa-eap-sha256 will be chosen).
Hi, the series now looks very good to me, thanks! Beniamino
Attachment:
signature.asc
Description: PGP signature