Hostapd requires access to the wpa_psk_file to insert data in the context of WPS usage.
From hostapd.conf documentation:
Note: If wpa_psk_file is set, WPS is used to generate random, per-device PSKs that will be appended to the wpa_psk_file. If wpa_psk_file is not set, the default PSK (wpa_psk/wpa_passphrase) will be delivered to Enrollees. Use of per-device PSKs is recommended as the more secure option (i.e., make sure to set wpa_psk_file when using WPS with WPA-PSK).

Since we set the option by default, we also involuntarily enabled this WPS feature, which was broken all this time because we create the wpa_psk_file as root and hostapd doesn't have access to it to write the per-device psk.

Giving correct permission makes hostapd correctly write the entry and permits devices connected with WPS Push-Button to re-authenticate on next connection.

Signed-off-by: Christian Marangi <ansuels...@gmail.com>
--- .../network/config/wifi-scripts/files/lib/netifd/hostapd.sh | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/package/network/config/wifi-scripts/files/lib/netifd/hostapd.sh b/package/network/config/wifi-scripts/files/lib/netifd/hostapd.sh index 763702e76b..a357418fe1 100644 --- a/package/network/config/wifi-scripts/files/lib/netifd/hostapd.sh +++ b/package/network/config/wifi-scripts/files/lib/netifd/hostapd.sh @@ -689,7 +689,10 @@ hostapd_set_bss_options() { fi [ -z "$wpa_psk_file" ] && set_default wpa_psk_file /var/run/hostapd-$ifname.psk [ -n "$wpa_psk_file" ] && { - [ -e "$wpa_psk_file" ] || touch "$wpa_psk_file" + [ -e "$wpa_psk_file" ] || { + touch "$wpa_psk_file" + chown network:network "$wpa_psk_file" + } append bss_conf "wpa_psk_file=$wpa_psk_file" "$N" } [ "$eapol_version" -ge "1" -a "$eapol_version" -le "2" ] && append bss_conf "eapol_version=$eapol_version" "$N" -- 2.43.0
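
Review bot: the chown sits inside the new `[ -e "$wpa_psk_file" ] || { ... }` branch, so it only runs when the file is created here. A file that already exists (a user-configured wpa_psk_file, or one left root-owned by the old `touch` path) keeps its owner, and hostapd still cannot append the per-device PSKs. Consider moving `chown network:network "$wpa_psk_file"` out of the creation branch so ownership is corrected on every run. The file's mode is also left to whatever umask is in effect at `touch`; since the file holds PSKs, setting it explicitly (for example `chmod 0600 "$wpa_psk_file"`) would keep it readable only by its owner.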