hostapd: add support for SAE in PPSK option
authorRany Hany <rany_hany@riseup.net>
Fri, 6 Sep 2024 10:25:24 +0000 (10:25 +0000)
committerHauke Mehrtens <hauke@hauke-m.de>
Sun, 20 Oct 2024 17:27:08 +0000 (19:27 +0200)
commit913368a223c3818d2b5b60b06820532038be3467
treedbc4c12bac62f8c847dcca59aaeb59dbd8628298
parent2a1daeaabd144ea27bdba2203d24a316d0a4fe96
hostapd: add support for SAE in PPSK option

This patch allows the use of SAE when using PPSK after
https://w1.fi/cgit/hostap/commit/?id=fcbdaae8a52e542705a651ee78b39b02935fda20
added support for it.

It also implements a fix so that this option works with SAE. The reason this
doesn't work out of the box is because OpenWRT deviates from hostapd defaults
by setting `sae_pwe` option to 2 which makes this mode not function properly
(results in every auth attempt being denied).

That issue was addressed by not overriding hostapd's default for the `sae_pwe`
option when the PPSK option is in use. This should be fine because hostapd's
test cases specifically test this mode with the default SAE parameters. See:
https://w1.fi/cgit/hostap/commit/?id=c34b35b54e81dbacd9dee513b74604c87f93f6a3

Signed-off-by: Rany Hany <rany_hany@riseup.net>
Link: https://github.com/openwrt/openwrt/pull/16343
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
package/network/config/wifi-scripts/files/lib/netifd/hostapd.sh