From 98d0ee9dbf7a578093b5e97363e5a07dd28ea99a Mon Sep 17 00:00:00 2001 From: Felix Fietkau Date: Thu, 31 Aug 2023 11:16:04 +0200 Subject: [PATCH] hostapd: fix FILS key mgmt type for WPA3 Enterprise 192 bit Use the SHA384 variant to account for longer keys with more security Signed-off-by: Felix Fietkau (cherry picked from commit f0d1349b52983400e7526f3ab57dc6a0f2cc771a) --- package/network/services/hostapd/files/hostapd.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/package/network/services/hostapd/files/hostapd.sh b/package/network/services/hostapd/files/hostapd.sh index c6ae6fb98b0..36aa6273b6a 100644 --- a/package/network/services/hostapd/files/hostapd.sh +++ b/package/network/services/hostapd/files/hostapd.sh @@ -77,6 +77,10 @@ hostapd_append_wpa_key_mgmt() { [ "$fils" -gt 0 ] && { case "$auth_type" in + eap-192) + append wpa_key_mgmt FILS-SHA384 + [ "${ieee80211r:-0}" -gt 0 ] && append wpa_key_mgmt FT-FILS-SHA384 + ;; eap*) append wpa_key_mgmt FILS-SHA256 [ "${ieee80211r:-0}" -gt 0 ] && append wpa_key_mgmt FT-FILS-SHA256