From b5f2d82c47dd083e2de06e7279ce516841d758a5 Mon Sep 17 00:00:00 2001 From: Sarvesh Bodakhe Date: Thu, 28 Aug 2025 13:55:21 +0530 Subject: [PATCH] fix(wifi): add GCMP-128 support for SoftAP and some other bugfixes - GCMP-256 SoftAP support was previously added as part of SAE Extended Key handling. - Fixes the authmode sent in WIFI_EVENT_STA_CONNECTED, which was previously taken directly from the AKM field. This caused incorrect values in some cases. - Updates the "security" log to show the correct wifi_auth_mode_t. - Fixes wrong authmode strength used in the connection path. --- components/esp_wifi/include/esp_wifi_types.h | 4 ++-- components/esp_wifi/lib | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/components/esp_wifi/include/esp_wifi_types.h b/components/esp_wifi/include/esp_wifi_types.h index ce2534bf2a..2638956bf2 100644 --- a/components/esp_wifi/include/esp_wifi_types.h +++ b/components/esp_wifi/include/esp_wifi_types.h @@ -305,13 +305,13 @@ typedef struct { uint8_t password[64]; /**< Password of soft-AP. */ uint8_t ssid_len; /**< Optional length of SSID field. */ uint8_t channel; /**< Channel of soft-AP */ - wifi_auth_mode_t authmode; /**< Auth mode of soft-AP. Do not support AUTH_WEP, AUTH_WAPI_PSK and AUTH_OWE in soft-AP mode. When the auth mode is set to WPA2_PSK, WPA2_WPA3_PSK or WPA3_PSK, the pairwise cipher will be overwritten with WIFI_CIPHER_TYPE_CCMP. */ + wifi_auth_mode_t authmode; /**< Auth mode of soft-AP. Do not support AUTH_WEP, AUTH_WAPI_PSK and AUTH_OWE in soft-AP mode. When the auth mode is set to WPA2_PSK, WPA2_WPA3_PSK or WPA3_PSK, the pairwise cipher will be overwritten with WIFI_CIPHER_TYPE_CCMP by default, unless explicitly set. */ uint8_t ssid_hidden; /**< Broadcast SSID or not, default 0, broadcast the SSID */ uint8_t max_connection; /**< Max number of stations allowed to connect in */ uint16_t beacon_interval; /**< Beacon interval which should be multiples of 100. Unit: TU(time unit, 1 TU = 1024 us). Range: 100 ~ 60000. Default value: 100 */ uint8_t csa_count; /**< Channel Switch Announcement Count. Notify the station that the channel will switch after the csa_count beacon intervals. Default value: 3 */ uint8_t dtim_period; /**< Dtim period of soft-AP. Range: 1 ~ 10. Default value: 1 */ - wifi_cipher_type_t pairwise_cipher; /**< Pairwise cipher of SoftAP, group cipher will be derived using this. Cipher values are valid starting from WIFI_CIPHER_TYPE_TKIP, enum values before that will be considered as invalid and default cipher suites(TKIP+CCMP) will be used. Valid cipher suites in softAP mode are WIFI_CIPHER_TYPE_TKIP, WIFI_CIPHER_TYPE_CCMP and WIFI_CIPHER_TYPE_TKIP_CCMP. */ + wifi_cipher_type_t pairwise_cipher; /**< Pairwise cipher of SoftAP, group cipher will be derived using this. Cipher values are valid starting from WIFI_CIPHER_TYPE_TKIP, enum values before that will be considered as invalid and default cipher suites(TKIP+CCMP) will be used. Valid cipher suites in softAP mode are WIFI_CIPHER_TYPE_TKIP, WIFI_CIPHER_TYPE_CCMP, WIFI_CIPHER_TYPE_TKIP_CCMP, WIFI_CIPHER_TYPE_GCMP and WIFI_CIPHER_TYPE_GCMP256. */ bool ftm_responder; /**< Enable FTM Responder mode */ wifi_pmf_config_t pmf_cfg; /**< Configuration for Protected Management Frame */ wifi_sae_pwe_method_t sae_pwe_h2e; /**< Configuration for SAE PWE derivation method */ diff --git a/components/esp_wifi/lib b/components/esp_wifi/lib index 1ebfe9d715..a1ff1a34af 160000 --- a/components/esp_wifi/lib +++ b/components/esp_wifi/lib @@ -1 +1 @@ -Subproject commit 1ebfe9d71544e2433cd2e64bbe596e869a4ffd4f +Subproject commit a1ff1a34af1f4f31ded08fb2d4a62db0518064b5