git.ipfire.org Git - thirdparty/hostap.git/commit

author	Jouni Malinen <jouni@codeaurora.org>
	Sat, 28 Mar 2020 13:06:15 +0000 (15:06 +0200)
committer	Jouni Malinen <j@w1.fi>
	Sat, 28 Mar 2020 15:23:22 +0000 (17:23 +0200)
commit	5058f771d917a5683b0c9a6eca3ddc4519ff901f
tree	d0c494c59f76d93375edea797cf47b345e0a2a20	tree \| snapshot
parent	7c021dec3a95803fc129d8533adcaeea82910c9c	commit \| diff

DPP2: Allow station to require or not allow PFS

The new wpa_supplicant network profile parameter dpp_pfs can be used to
specify how PFS is applied to associations. The default behavior
(dpp_pfs=0) remains same as it was previously, i.e., try to use PFS if
the AP supports it. PFS use can now be required (dpp_pfs=1) or disabled
(dpp_pfs=2).

This is also working around an interoperability issue of DPP R2 STA with
certain hostapd builds that included both OWE and DPP functionality.
That issue was introduced by commit 09368515d130 ("OWE: Process
Diffie-Hellman Parameter element in AP mode") and removed by commit
16a4e931f03e ("OWE: Allow Diffie-Hellman Parameter element to be
included with DPP"). hostapd builds between those two commits would
reject DPP association attempt with PFS. The new wpa_supplicant default
(dpp_pfs=0) behavior is to automatically try to connect again with PFS
disabled if that happens.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>

wpa_supplicant/config.c		diff \| blob \| blame \| history
wpa_supplicant/config_file.c		diff \| blob \| blame \| history
wpa_supplicant/config_ssid.h		diff \| blob \| blame \| history
wpa_supplicant/ctrl_iface.c		diff \| blob \| blame \| history
wpa_supplicant/events.c		diff \| blob \| blame \| history
wpa_supplicant/sme.c		diff \| blob \| blame \| history
wpa_supplicant/wpa_supplicant.c		diff \| blob \| blame \| history
wpa_supplicant/wpa_supplicant.conf		diff \| blob \| blame \| history
wpa_supplicant/wpa_supplicant_i.h		diff \| blob \| blame \| history