[PATCH] DPP: Convert AKM to PSK/SAE for legacy DPP1 client

Wystan Schmidt wystans at gmail.com
Wed Feb 10 19:18:32 EST 2021 

Fix the new lines in the patch.

---
 src/common/dpp.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/src/common/dpp.c b/src/common/dpp.c
index 3c8c7682d..aad99253e 100644
--- a/src/common/dpp.c
+++ b/src/common/dpp.c
@@ -1450,9 +1450,15 @@ dpp_build_conf_obj_dpp(struct dpp_authentication *auth,

        akm = conf->akm;
        if (dpp_akm_ver2(akm) && auth->peer_version < 2) {
-               wpa_printf(MSG_DEBUG,
-                          "DPP: Convert DPP+legacy credential to
DPP-only for peer that does not support version 2");
-               akm = DPP_AKM_DPP;
+               if (akm == DPP_AKM_PSK_SAE_DPP) {
+            wpa_printf(MSG_DEBUG,
+                   "DPP: Convert DPP+legacy credential to legacy
WPA2-PSK for peer that does not support version 2");
+            akm = DPP_AKM_PSK;
+        } else if (akm == DPP_AKM_SAE_DPP) {
+            wpa_printf(MSG_DEBUG,
+                   "DPP: Convert DPP+legacy credential to WPA3 for
peer that does not support version 2");
+            akm = DPP_AKM_SAE;
+        }
        }

 #ifdef CONFIG_TESTING_OPTIONS
--
2.24.3 (Apple Git-128)

On Wed, Feb 10, 2021 at 5:04 PM Wystan Schmidt <wystans at gmail.com> wrote:
>
> Currently, hostapd will convert a DPP2 Config object
> to a DPP-only config for a legacy DPP1 client.
>
> However, Android 10+ phones, the only potential DPP1
> clients (AFAIK), do not support the DPP-AKM and will fail
> when given a DPP-AKM object.
>
> This will ensure the current Android implementation
> can connect using DPP.
>
> Signed-off-by: Wystan Schmidt <wystans at gmail.com>
> ---
>  src/common/dpp.c | 12 +++++++++---
>  1 file changed, 9 insertions(+), 3 deletions(-)
>
> diff --git a/src/common/dpp.c b/src/common/dpp.c
> index 3c8c7682d..aad99253e 100644
> --- a/src/common/dpp.c
> +++ b/src/common/dpp.c
> @@ -1450,9 +1450,15 @@ dpp_build_conf_obj_dpp(struct dpp_authentication *auth,
>
>         akm = conf->akm;
>         if (dpp_akm_ver2(akm) && auth->peer_version < 2) {
> -               wpa_printf(MSG_DEBUG,
> -                          "DPP: Convert DPP+legacy credential to
> DPP-only for peer that does not support version 2");
> -               akm = DPP_AKM_DPP;
> +               if (akm == DPP_AKM_PSK_SAE_DPP) {
> +            wpa_printf(MSG_DEBUG,
> +                   "DPP: Convert DPP+legacy credential to legacy
> WPA2-PSK for peer that does not support version 2");
> +            akm = DPP_AKM_PSK;
> +        } else if (akm == DPP_AKM_SAE_DPP) {
> +            wpa_printf(MSG_DEBUG,
> +                   "DPP: Convert DPP+legacy credential to WPA3 for
> peer that does not support version 2");
> +            akm = DPP_AKM_SAE;
> +        }
>         }
>
>  #ifdef CONFIG_TESTING_OPTIONS
> --
> 2.24.3 (Apple Git-128)

More information about the Hostap mailing list