Do not allow HT with WPA/WPA2 to be enabled without CCMP

IEEE 802.11n does not allow HT STAs to use TKIP between themselves, so
do do allow a configuration that would force this to happen if HT is
used.

diff --git a/hostapd/config.c b/hostapd/config.c
index 903cd6c..39cc18d 100644 (file)
--- a/hostapd/config.c
+++ b/hostapd/config.c
@@ -944,6 +944,16 @@ static int hostapd_config_check_bss(struct hostapd_bss_config *bss,
        }
 #endif /* CONFIG_IEEE80211R */
 
+#ifdef CONFIG_IEEE80211N
+       if (conf->ieee80211n && bss->wpa &&
+           !(bss->wpa_pairwise & WPA_CIPHER_CCMP) &&
+           !(bss->rsn_pairwise & WPA_CIPHER_CCMP)) {
+               printf("HT (IEEE 802.11n) with WPA/WPA2 requires CCMP to be "
+                      "enabled\n");
+               return -1;
+       }
+#endif /* CONFIG_IEEE80211N */
+
        return 0;
 }