projects / project / netifd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 4711f74) | patch
scripts/netifd-wireless.sh: properly fix WPA3 Enterprise support
authorFelix Fietkau <nbd@nbd.name>
Thu, 31 Aug 2023 09:19:04 +0000 (11:19 +0200)
committerFelix Fietkau <nbd@nbd.name>
Thu, 31 Aug 2023 10:57:44 +0000 (12:57 +0200)
commitdb3934d2f740bdfe8537933741f71b439a109422
tree106dab4147c4b74f9bee7196955b63c80343610ctree | snapshot
parent4711f74479e213ef86f8792b408b117d40148eb2commit | diff
scripts/netifd-wireless.sh: properly fix WPA3 Enterprise support

Support the following values for the different WPA3 Enterprise modes:

- wpa3-mixed: WPA3 Enterprise transitional mode
This supports EAP with both SHA1 and SHA-256, with optional MFP
- wpa3: WPA3 Enterprise only mode
This supports only SHA256 with mandatory MFP
- wpa3-192: WPA3 Enterprise with mandatory 192 bit support
This uses only GCMP-256 ciphers

Disable 192 bit support and GCMP-256 ciphers for the regular "wpa3" mode.
It seems that even leaving in optional 192 bit support breaks auth on some
clients, including iOS devices.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
scripts/netifd-wireless.sh diff | blob | history
OpenWrt Network interface configuration daemon