mpskd: fix incorrect MPSK value assignment

If MPSK is enabled on any interface, `ssid.mpsk` should be true.
Prevents overwriting true with a false value when multiple interfaces
share the same SSID.

Also allow handling of the 'reload' event even when MPSK is not enabled,
to ensure config reloads are not skipped, e.g. when configuration is empty.

Fixes: WIFI-14484

Signed-off-by: Marek Kwaczynski <marek@shasta.cloud>

feeds/ipq807x_v5.4/hostapd/files/mpskd

@@ -144,7 +144,7 @@ function netifd_reload() {
 
 			push(ssid.interfaces, iface.ifname);
 			ssid.bands[band] = iface.ifname;
-			ssid.mpsk = config.multi_psk;
+			ssid.mpsk = ssid?.mpsk ? true : config.multi_psk;
 			for (let sta in iface.stations) {
 				let stacfg = sta.config;
 
@@ -308,18 +308,18 @@ function sta_auth_cache(ifname, addr, idx, phrase) {
 function auth_cb(msg) {
 	let data = msg.data;
 
-	if (!is_ssid_mpsk(data.iface))
-		return;
-
 	printf(`Event ${msg.type}: ${msg.data}\n`);
 	switch (msg.type) {
 	case 'sta_auth':
+		if (!is_ssid_mpsk(data.iface))
+			return;
+
 		return {
 			psk: sta_auth_psk(data.iface, data.sta),
 			force_psk: true,
 		};
 	case 'sta_connected':
-		if (data.psk_idx == null)
+		if (data.psk_idx == null || !is_ssid_mpsk(data.iface))
 			return;
 		return sta_auth_cache(data.iface, data.sta, data.psk_idx, data.psk);
 	case 'reload':

feeds/qca-wifi-7/hostapd/files/hostapd.sh

@@ -777,11 +777,16 @@ hostapd_set_bss_options() {
 			set_default sae_require_mfp 1
 			[ "$ppsk" -eq 0 ] && set_default sae_pwe 2
 		;;
-		psk-sae|psk2-radius|eap-eap2)
+		psk-sae|eap-eap2)
 			set_default ieee80211w 1
 			set_default sae_require_mfp 1
 			[ "$ppsk" -eq 0 ] && set_default sae_pwe 2
 		;;
+                psk2-radius)
+			set_default ieee80211w 1
+			set_default sae_require_mfp 0
+			[ "$ppsk" -eq 0 ] && set_default sae_pwe 4
+                ;;
 	esac
 	[ -n "$sae_require_mfp" ] && append bss_conf "sae_require_mfp=$sae_require_mfp" "$N"
 	[ -n "$sae_pwe" ] && append bss_conf "sae_pwe=$sae_pwe" "$N"

feeds/qca-wifi-7/hostapd/files/mpskd

@@ -144,7 +144,7 @@ function netifd_reload() {
 
 			push(ssid.interfaces, iface.ifname);
 			ssid.bands[band] = iface.ifname;
-			ssid.mpsk = config.multi_psk;
+			ssid.mpsk = ssid?.mpsk ? true : config.multi_psk;
 			for (let sta in iface.stations) {
 				let stacfg = sta.config;
 
@@ -308,18 +308,18 @@ function sta_auth_cache(ifname, addr, idx, phrase) {
 function auth_cb(msg) {
 	let data = msg.data;
 
-	if (!is_ssid_mpsk(data.iface))
-		return;
-
 	printf(`Event ${msg.type}: ${msg.data}\n`);
 	switch (msg.type) {
 	case 'sta_auth':
+		if (!is_ssid_mpsk(data.iface))
+			return;
+
 		return {
 			psk: sta_auth_psk(data.iface, data.sta),
 			force_psk: true,
 		};
 	case 'sta_connected':
-		if (data.psk_idx == null)
+		if (data.psk_idx == null || !is_ssid_mpsk(data.iface))
 			return;
 		return sta_auth_cache(data.iface, data.sta, data.psk_idx, data.psk);
 	case 'reload':