diff --git a/components/esp_wifi/include/esp_wifi_types.h b/components/esp_wifi/include/esp_wifi_types.h index 879392099d..45550eca11 100644 --- a/components/esp_wifi/include/esp_wifi_types.h +++ b/components/esp_wifi/include/esp_wifi_types.h @@ -222,6 +222,7 @@ typedef struct { uint8_t ssid_hidden; /**< Broadcast SSID or not, default 0, broadcast the SSID */ uint8_t max_connection; /**< Max number of stations allowed to connect in, default 4, max 10 */ uint16_t beacon_interval; /**< Beacon interval which should be multiples of 100. Unit: TU(time unit, 1 TU = 1024 us). Range: 100 ~ 60000. Default value: 100 */ + wifi_cipher_type_t pairwise_cipher; /**< pairwise cipher of SoftAP, group cipher will be derived using this. cipher values are valid starting from WIFI_CIPHER_TYPE_TKIP, enum values before that will be considered as invalid and default cipher suites(TKIP+CCMP) will be used. Valid cipher suites in softAP mode are WIFI_CIPHER_TYPE_TKIP, WIFI_CIPHER_TYPE_CCMP and WIFI_CIPHER_TYPE_TKIP_CCMP. */ } wifi_ap_config_t; /** @brief STA configuration settings for the ESP32 */ diff --git a/components/esp_wifi/lib b/components/esp_wifi/lib index c5cf57a2d0..2c6178981f 160000 --- a/components/esp_wifi/lib +++ b/components/esp_wifi/lib @@ -1 +1 @@ -Subproject commit c5cf57a2d0d61fa18dc847a4d13cd678c43bc7f5 +Subproject commit 2c6178981f0d8cb7cee9177db1baff7f32940af8 diff --git a/components/wpa_supplicant/src/esp_supplicant/esp_hostap.c b/components/wpa_supplicant/src/esp_supplicant/esp_hostap.c index 19a88d529d..00b08035c6 100644 --- a/components/wpa_supplicant/src/esp_supplicant/esp_hostap.c +++ b/components/wpa_supplicant/src/esp_supplicant/esp_hostap.c @@ -33,6 +33,7 @@ void *hostap_init(void) struct wpa_auth_config *auth_conf; u8 mac[6]; u16 spp_attrubute = 0; + u8 pairwise_cipher; hapd = (struct hostapd_data *)os_zalloc(sizeof(struct hostapd_data)); @@ -65,9 +66,25 @@ void *hostap_init(void) auth_conf->wpa = WPA_PROTO_RSN | WPA_PROTO_WPA; } - auth_conf->wpa_group = WPA_CIPHER_TKIP; - auth_conf->wpa_pairwise = WPA_CIPHER_CCMP | WPA_CIPHER_TKIP; - auth_conf->rsn_pairwise = WPA_CIPHER_CCMP | WPA_CIPHER_TKIP; + pairwise_cipher = esp_wifi_ap_get_prof_pairwise_cipher_internal(); + /* TKIP is compulsory in WPA Mode */ + if (auth_conf->wpa == WPA_PROTO_WPA && pairwise_cipher == WIFI_CIPHER_TYPE_CCMP) { + pairwise_cipher = WIFI_CIPHER_TYPE_TKIP_CCMP; + } + if (pairwise_cipher == WIFI_CIPHER_TYPE_TKIP) { + auth_conf->wpa_group = WPA_CIPHER_TKIP; + auth_conf->wpa_pairwise = WPA_CIPHER_TKIP; + auth_conf->rsn_pairwise = WPA_CIPHER_TKIP; + } else if (pairwise_cipher == WIFI_CIPHER_TYPE_CCMP) { + auth_conf->wpa_group = WPA_CIPHER_CCMP; + auth_conf->wpa_pairwise = WPA_CIPHER_CCMP; + auth_conf->rsn_pairwise = WPA_CIPHER_CCMP; + } else { + auth_conf->wpa_group = WPA_CIPHER_TKIP; + auth_conf->wpa_pairwise = WPA_CIPHER_CCMP | WPA_CIPHER_TKIP; + auth_conf->rsn_pairwise = WPA_CIPHER_CCMP | WPA_CIPHER_TKIP; + } + auth_conf->wpa_key_mgmt = WPA_KEY_MGMT_PSK; auth_conf->eapol_version = EAPOL_VERSION; diff --git a/components/wpa_supplicant/src/esp_supplicant/esp_wifi_driver.h b/components/wpa_supplicant/src/esp_supplicant/esp_wifi_driver.h index ccac01a238..64c4783c4d 100644 --- a/components/wpa_supplicant/src/esp_supplicant/esp_wifi_driver.h +++ b/components/wpa_supplicant/src/esp_supplicant/esp_wifi_driver.h @@ -257,5 +257,6 @@ bool esp_wifi_is_rm_enabled_internal(uint8_t if_index); bool esp_wifi_is_btm_enabled_internal(uint8_t if_index); esp_err_t esp_wifi_register_mgmt_frame_internal(uint32_t type, uint32_t subtype); esp_err_t esp_wifi_send_mgmt_frm_internal(const wifi_mgmt_frm_req_t *req); +uint8_t esp_wifi_ap_get_prof_pairwise_cipher_internal(void); #endif /* _ESP_WIFI_DRIVER_H_ */