Mesh with multiple passwords

[Peter Astrand]

Hi. I'm building a 802.11s solution where it is not acceptable to use a 
single SAE password on all mesh nodes. To handle this, my idea is to use 
SAE Password Identifiers and extend wpa_supplicant to support multiple 
sae_password:s, using the same syntax as for hostapd. Then, use a node 
unique password. During this development, I noticed this commit:

commit 6a673d0fb05557d149e4ff50430991979e476f2a
Author: Jouni Malinen <jouni at codeaurora.org>
Date:   Tue Jan 21 12:57:07 2020 +0200

     tests: Remove mesh SAE Password Identifier test cases for now

     IEEE P802.11-REVmd was modified to require H2E to be used whenever
     Password Identifier is used with SAE. Since wpa_supplicant and mac80211
     do not yet support SAE H2E in mesh, Password Identifier cannot be used
     in mesh cases. Remove the test cases that verified this behavior for now
     to allow H2E to be required per updated REVmd definition. These test
     cases will be restored once H2E is fully functionality in mesh cases.

Any updates on this; when can one expect that wpa_supplicant and mac80211 
supports SAE H2E in mesh? I have confirmed that it does not work with 
latest wpa_supplicant master on Linux 5.4, but perhaps it will if 
https://patchwork.kernel.org/project/linux-wireless/patch/20200731183830.18735-1-jouni@codeaurora.org/ 
is applied?

Otherwise, I need to find some other solution. EAP-PWD looks interesting, 
but as I understand it, SAE is the only option for Mesh right now.


Best regards,
Peter Åstrand