On Wed, Dec 03, 2025 at 07:52:15PM +0100, Peter Hessler wrote:
> This buglet prevents me from connecting to my TP-Link wifi router at home
> while using join.  However, I could connect when using nwid.
> 
> 
> :+	}
> : 
> : 	if (wpa->i_groupcipher == IEEE80211_WPA_CIPHER_WEP40)
> : 		ess->rsngroupcipher = IEEE80211_CIPHER_WEP40;
> 
> While there, I strictly didn't need to change the default
> IEEE80211_AKM_PSK line, but now it matches how we always fold it in from
> above.
> 
> OK for the below patch?

Ooop, silly mistake. Nice catch, thanks!

> Index: sys/net80211/ieee80211_node.c
> ===================================================================
> RCS file: /cvs/openbsd/src/sys/net80211/ieee80211_node.c,v
> diff -u -p -u -p -r1.206 ieee80211_node.c
> --- sys/net80211/ieee80211_node.c	3 Dec 2025 10:21:12 -0000	1.206
> +++ sys/net80211/ieee80211_node.c	3 Dec 2025 18:32:11 -0000
> @@ -303,9 +303,9 @@ ieee80211_ess_setwpaparms(struct ieee802
>  	if (wpa->i_akms & IEEE80211_WPA_AKM_SAE)
>  		ess->rsnakms |= IEEE80211_AKM_SAE;
>  	if (ess->rsnakms == 0)	{ /* set to default (PSK) */
> -		ess->rsnakms = IEEE80211_AKM_PSK;
> +		ess->rsnakms |= IEEE80211_AKM_PSK;

The above is not strictly needed since the value is known to equal
zero if we get here. But either way, ok with me.

>  		if (ic->ic_caps & IEEE80211_C_MFP)
> -			ess->rsnakms = IEEE80211_AKM_SHA256_PSK;
> +			ess->rsnakms |= IEEE80211_AKM_SHA256_PSK;
>  	}
>  
>  	if (wpa->i_groupcipher == IEEE80211_WPA_CIPHER_WEP40)