DPP: Enable PMF when adding wpa_supplicant network profile

DPP AKM should really require PMF to be used, but since that is not yet
explicitly required in the specification, make PMF enabled for now. For
legacy PSK cases, configure PMF to be enabled as well to support both
APs in no-PMF, optional-PMF, and required-PMF configuration.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

diff --git a/wpa_supplicant/dpp_supplicant.c b/wpa_supplicant/dpp_supplicant.c
index 1d920b487c9252e399ef84ac09ff4b640f6c614e..15e6b633b077bbc8da4161fa83b60e77645b4bcc 100644 (file)
--- a/wpa_supplicant/dpp_supplicant.c
+++ b/wpa_supplicant/dpp_supplicant.c
@@ -936,6 +936,7 @@ static struct wpa_ssid * wpas_dpp_add_network(struct wpa_supplicant *wpa_s,
 
        if (auth->connector) {
                ssid->key_mgmt = WPA_KEY_MGMT_DPP;
+               ssid->ieee80211w = 1;
                ssid->dpp_connector = os_strdup(auth->connector);
                if (!ssid->dpp_connector)
                        goto fail;
@@ -963,7 +964,8 @@ static struct wpa_ssid * wpas_dpp_add_network(struct wpa_supplicant *wpa_s,
        }
 
        if (!auth->connector) {
-               ssid->key_mgmt = WPA_KEY_MGMT_PSK;
+               ssid->key_mgmt = WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_PSK_SHA256;
+               ssid->ieee80211w = 1;
                if (auth->passphrase[0]) {
                        if (wpa_config_set_quoted(ssid, "psk",
                                                  auth->passphrase) < 0)