espressif/esp-idf
1
0
Fork 1
mirror of https://github.com/espressif/esp-idf.git synced 2025-10-02 18:10:57 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix(wifi): add GCMP-128 support for SoftAP and some other bugfixes

Browse Source 
- GCMP-256 SoftAP support was previously added as part of SAE Extended Key handling.
- Fixes the authmode sent in WIFI_EVENT_STA_CONNECTED, which was previously taken
  directly from the AKM field. This caused incorrect values in some cases.
- Updates the "security" log to show the correct wifi_auth_mode_t.
- Fixes wrong authmode strength used in the connection path.
This commit is contained in:
Sarvesh Bodakhe
2025-08-29 23:40:35 +05:30
parent 9ba4c2cd8e
commit e13e442838
3 changed files with 7 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
components/esp_wifi/include/esp_wifi_types_generic.h
View File

@@ -406,13 +406,13 @@ typedef struct {
uint8_t password[64]; /**< Password of soft-AP. */
uint8_t ssid_len; /**< Optional length of SSID field. */
uint8_t channel; /**< Channel of soft-AP */
wifi_auth_mode_t authmode; /**< Auth mode of soft-AP. Do not support AUTH_WEP, AUTH_WAPI_PSK and AUTH_OWE in soft-AP mode. When the auth mode is set to WPA2_PSK, WPA2_WPA3_PSK or WPA3_PSK, the pairwise cipher will be overwritten with WIFI_CIPHER_TYPE_CCMP. */
wifi_auth_mode_t authmode; /**< Auth mode of soft-AP. Do not support AUTH_WEP, AUTH_WAPI_PSK and AUTH_OWE in soft-AP mode. When the auth mode is set to WPA2_PSK, WPA2_WPA3_PSK or WPA3_PSK, the pairwise cipher will be overwritten with WIFI_CIPHER_TYPE_CCMP by default, unless explicitly set. */
uint8_t ssid_hidden; /**< Broadcast SSID or not, default 0, broadcast the SSID */
uint8_t max_connection; /**< Max number of stations allowed to connect in */
uint16_t beacon_interval; /**< Beacon interval which should be multiples of 100. Unit: TU(time unit, 1 TU = 1024 us). Range: 100 ~ 60000. Default value: 100 */
uint8_t csa_count; /**< Channel Switch Announcement Count. Notify the station that the channel will switch after the csa_count beacon intervals. Default value: 3 */
uint8_t dtim_period; /**< Dtim period of soft-AP. Range: 1 ~ 10. Default value: 1 */
wifi_cipher_type_t pairwise_cipher; /**< Pairwise cipher of SoftAP, group cipher will be derived using this. Cipher values are valid starting from WIFI_CIPHER_TYPE_TKIP, enum values before that will be considered as invalid and default cipher suites(TKIP+CCMP) will be used. Valid cipher suites in softAP mode are WIFI_CIPHER_TYPE_TKIP, WIFI_CIPHER_TYPE_CCMP and WIFI_CIPHER_TYPE_TKIP_CCMP. */
wifi_cipher_type_t pairwise_cipher; /**< Pairwise cipher of SoftAP, group cipher will be derived using this. Cipher values are valid starting from WIFI_CIPHER_TYPE_TKIP, enum values before that will be considered as invalid and default cipher suites(TKIP+CCMP) will be used. Valid cipher suites in softAP mode are WIFI_CIPHER_TYPE_TKIP, WIFI_CIPHER_TYPE_CCMP, WIFI_CIPHER_TYPE_TKIP_CCMP, WIFI_CIPHER_TYPE_GCMP and WIFI_CIPHER_TYPE_GCMP256. */
bool ftm_responder; /**< Enable FTM Responder mode */
wifi_pmf_config_t pmf_cfg; /**< Configuration for Protected Management Frame */
wifi_sae_pwe_method_t sae_pwe_h2e; /**< Configuration for SAE PWE derivation method */

2
components/esp_wifi/lib

Submodule components/esp_wifi/lib updated: cdf01b2d82...51cfbfa1f4

4
components/wpa_supplicant/esp_supplicant/src/esp_hostap.c
View File

@@ -120,6 +120,10 @@ void *hostap_init(void)
auth_conf->wpa_group = WPA_CIPHER_GCMP_256;
auth_conf->wpa_pairwise = WPA_CIPHER_GCMP_256;
auth_conf->rsn_pairwise = WPA_CIPHER_GCMP_256;
} else if (pairwise_cipher == WIFI_CIPHER_TYPE_GCMP) {
auth_conf->wpa_group = WPA_CIPHER_GCMP;
auth_conf->wpa_pairwise = WPA_CIPHER_GCMP;
auth_conf->rsn_pairwise = WPA_CIPHER_GCMP;
} else {
auth_conf->wpa_group = WPA_CIPHER_TKIP;
auth_conf->wpa_pairwise = WPA_CIPHER_CCMP | WPA_CIPHER_TKIP;