I tested your solution a bit and it seems to be working: it's a bit slower because wpa_supplicant makes more than one attempt before disabling the block and trying the other, but it does work. Thank you! rnhmjoj On 02-01-22, Dennis Bland wrote: > Hi Michele: > > You can create two similar netblocks of different priority (higher > number = higher priority). The higher priority netblock will be > compared with the scan results first. > > For example, to try matching with SAE first: > > network={ > ssid="mynetwork" > psk="mypassword" > key_mgmt=SAE > ieee80211w=2 > priority=10 > } > network={ > ssid="mynetwork" > psk="mypassword" > key_mgmt=WPA-PSK > ieee80211w=1 > priority=5 > } > > Best regards, > > Dennis > > > Hi all, > > > > I'm the maintainer of the NixOS module[^1] for wpa_supplicant. > > I'd like to know if it's possible to write a network block that will > > always work for to both WPA2 and WPA3 networks. Based on the > > documentation I wrote: > > > > network={ > > ssid="mynetwork" > > psk="mypassword" > > key_mgmt=SAE WPA-PSK > > ieee80211w=1 > > } > > > > This seem to work: > > 1. if the network is mixed SAE WPA-PSK, wpa_supplicant uses SAE > > 2. if the network is WPA-PSK or SAE only, wpa_supplicant uses that > > However, if (in case 1.) SAE fails for some reason, wpa_supplicant > > will not fallback to WPA-PSK but keep trying SAE forever. > > This is an issue, for example, if the hardware lacks PMF support. > > > > Is there a way to configure SAE opportunistically? Try SAE first, > > if it succeeds use that, otherwise try another protocol. > > > > Thank you, > > > > rnhmjoj > > > > > > [^1]: If you never heard of NixOS, that is basically a high-level > > interface for generating wpa_supplicant config file. > > _______________________________________________ > Hostap mailing list > Hostap@xxxxxxxxxxxxxxxxxxx > http://lists.infradead.org/mailman/listinfo/hostap
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap