From: David Bauer Date: Mon, 28 Oct 2019 18:10:14 +0000 (+0100) Subject: hostapd: enable PMKSA and OK caching for WPA3-Personal X-Git-Url: http://git.cdn.openwrt.org/?a=commitdiff_plain;h=3034f8c3b85e70b1dd9b4cd5cd33e9d2cd8be3b8;p=openwrt%2Fstaging%2Fadrian.git hostapd: enable PMKSA and OK caching for WPA3-Personal This enables PMKSA and opportunistic key caching by default for WPA2/WPA3-Personal, WPA3-Personal and OWE auth types. Otherwise, Apple devices won't connect to the WPA3 network. This should not degrade security, as there's no external authentication provider. Tested with OCEDO Koala and iPhone 7 (iOS 13.1). Signed-off-by: David Bauer --- diff --git a/package/network/services/hostapd/files/hostapd.sh b/package/network/services/hostapd/files/hostapd.sh index f0dc997e91..3c1504ca60 100644 --- a/package/network/services/hostapd/files/hostapd.sh +++ b/package/network/services/hostapd/files/hostapd.sh @@ -553,7 +553,14 @@ hostapd_set_bss_options() { append bss_conf "rsn_preauth=1" "$N" append bss_conf "rsn_preauth_interfaces=$network_bridge" "$N" else - set_default auth_cache 0 + case "$auth_type" in + sae|psk-sae|owe) + set_default auth_cache 1 + ;; + *) + set_default auth_cache 0 + ;; + esac fi append bss_conf "okc=$auth_cache" "$N"