diff --git a/include/zephyr/net/wifi_mgmt.h b/include/zephyr/net/wifi_mgmt.h index 7a812c4fa7e7474..17d0beb215d1e07 100644 --- a/include/zephyr/net/wifi_mgmt.h +++ b/include/zephyr/net/wifi_mgmt.h @@ -363,7 +363,7 @@ struct wifi_connect_req_params { /** Channel */ uint8_t channel; /** Security type */ - enum wifi_security_type security; + uint32_t security; /** MFP options */ enum wifi_mfp_options mfp; /** BSSID */ diff --git a/subsys/net/l2/wifi/wifi_mgmt.c b/subsys/net/l2/wifi/wifi_mgmt.c index 5ef047e6c72ba6a..2d6ac4ada6a7317 100644 --- a/subsys/net/l2/wifi/wifi_mgmt.c +++ b/subsys/net/l2/wifi/wifi_mgmt.c @@ -270,15 +270,14 @@ static int wifi_connect(uint32_t mgmt_request, struct net_if *iface, } NET_DBG("ch %u sec %u", params->channel, params->security); - if ((params->security > WIFI_SECURITY_TYPE_MAX) || - (params->ssid_length > WIFI_SSID_MAX_LEN) || + if ((params->ssid_length > WIFI_SSID_MAX_LEN) || (params->ssid_length == 0U) || - ((params->security == WIFI_SECURITY_TYPE_PSK || - params->security == WIFI_SECURITY_TYPE_WPA_PSK || - params->security == WIFI_SECURITY_TYPE_PSK_SHA256) && + (((params->security & BIT(WIFI_SECURITY_TYPE_PSK)) || + (params->security & BIT(WIFI_SECURITY_TYPE_WPA_PSK)) || + (params->security & BIT(WIFI_SECURITY_TYPE_PSK_SHA256))) && ((params->psk_length < 8) || (params->psk_length > 64) || (params->psk_length == 0U) || !params->psk)) || - ((params->security == WIFI_SECURITY_TYPE_SAE) && + ((params->security & BIT(WIFI_SECURITY_TYPE_SAE)) && ((params->psk_length == 0U) || !params->psk) && ((params->sae_password_length == 0U) || !params->sae_password)) || ((params->channel != WIFI_CHANNEL_ANY) && diff --git a/subsys/net/l2/wifi/wifi_shell.c b/subsys/net/l2/wifi/wifi_shell.c index d985d810ed02bfb..9e97ceb908552d3 100644 --- a/subsys/net/l2/wifi/wifi_shell.c +++ b/subsys/net/l2/wifi/wifi_shell.c @@ -470,6 +470,8 @@ static int __wifi_args_to_params(const struct shell *sh, size_t argc, char *argv char bands_str[MAX_BANDS_STR_LEN] = {0}; size_t offset = 0; long channel; + char *security = NULL; + char *security_num = NULL; /* Defaults */ params->band = WIFI_FREQ_BAND_UNKNOWN; @@ -490,10 +492,32 @@ static int __wifi_args_to_params(const struct shell *sh, size_t argc, char *argv } break; case 'k': - params->security = atoi(optarg); + params->security = BIT(WIFI_SECURITY_TYPE_PSK); + params->mfp = WIFI_MFP_OPTIONAL; + + /* Security type (optional) */ + + security = (char *)k_malloc(strlen(optarg)); + + if (!security) { + PR_ERROR("Failed to allocate memory for security config\n"); + return -ENOMEM; + } + + memset(security, 0, strlen(optarg)); + strcpy(security, optarg); + + security_num = strtok(security, ","); + + while (security_num) { + params->security |= BIT(atoi(security_num)); + security_num = strtok(NULL, ","); + } + if (params->security) { secure_connection = true; } + k_free(security); break; case 'p': if (secure_connection) { @@ -1873,7 +1897,8 @@ SHELL_STATIC_SUBCMD_SET_CREATE(wifi_commands, "[-c --channel]: Channel that needs to be scanned for connection. 0:any channel.\n" "[-b, --band] 0: any band (2:2.4GHz, 5:5GHz, 6:6GHz]\n" "[-p, --psk]: Passphrase (valid only for secure SSIDs)\n" - "[-k, --key-mgmt]: Key Management type (valid only for secure SSIDs)\n" + "[-k, --key-mgmt]: Key Management type (valid only for secure SSIDs). User can provide multiple Security types by giving comma-separated string]\n" + "eg., \"1,2,3\" for \"WPA2-PSK,WPA2-PSK-256,SAE\"\n" "0:None, 1:WPA2-PSK, 2:WPA2-PSK-256, 3:SAE, 4:WAPI, 5:EAP, 6:WEP, 7: WPA-PSK\n" "[-w, --ieee-80211w]: MFP (optional: needs security type to be specified)\n" ": 0:Disable, 1:Optional, 2:Required.\n"