diff --git a/rh1567474-0001-D-Bus-Implement-Pmf-property.patch b/rh1567474-0001-D-Bus-Implement-Pmf-property.patch
new file mode 100644
index 0000000..7e3e95d
--- /dev/null
+++ b/rh1567474-0001-D-Bus-Implement-Pmf-property.patch
@@ -0,0 +1,141 @@
+From adf8f45f8af27a9ac9429ecde81776b19b6f9224 Mon Sep 17 00:00:00 2001
+Message-Id: <adf8f45f8af27a9ac9429ecde81776b19b6f9224.1525963452.git.davide.caratti@gmail.com>
+From: Stijn Tintel <stijn@linux-ipv6.be>
+Date: Thu, 12 Jan 2017 17:13:26 +0100
+Subject: [PATCH] D-Bus: Implement Pmf property
+
+The Pmf property is documented in doc/dbus.doxygen, but does not exist,
+so implement it.
+
+Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
+---
+ wpa_supplicant/dbus/dbus_new.c          | 12 +++++++
+ wpa_supplicant/dbus/dbus_new.h          |  1 +
+ wpa_supplicant/dbus/dbus_new_handlers.c | 55 +++++++++++++++++++++++++++++++++
+ wpa_supplicant/dbus/dbus_new_handlers.h |  2 ++
+ 4 files changed, 70 insertions(+)
+
+diff --git a/wpa_supplicant/dbus/dbus_new.c b/wpa_supplicant/dbus/dbus_new.c
+index a60118254..0c355f799 100644
+--- a/wpa_supplicant/dbus/dbus_new.c
++++ b/wpa_supplicant/dbus/dbus_new.c
+@@ -1987,6 +1987,11 @@ void wpas_dbus_signal_prop_changed(struct wpa_supplicant *wpa_s,
+ 	case WPAS_DBUS_PROP_AP_SCAN:
+ 		prop = "ApScan";
+ 		break;
++#ifdef CONFIG_IEEE80211W
++	case WPAS_DBUS_PROP_PMF:
++		prop = "Pmf";
++		break;
++#endif /* CONFIG_IEEE80211W */
+ 	case WPAS_DBUS_PROP_SCANNING:
+ 		prop = "Scanning";
+ 		break;
+@@ -3138,6 +3143,13 @@ static const struct wpa_dbus_property_desc wpas_dbus_interface_properties[] = {
+ 	  wpas_dbus_setter_ap_scan,
+ 	  NULL
+ 	},
++#ifdef CONFIG_IEEE80211W
++	{ "Pmf", WPAS_DBUS_NEW_IFACE_INTERFACE, "u",
++	  wpas_dbus_getter_pmf,
++	  wpas_dbus_setter_pmf,
++	  NULL
++	},
++#endif /* CONFIG_IEEE80211W */
+ 	{ "BSSExpireAge", WPAS_DBUS_NEW_IFACE_INTERFACE, "u",
+ 	  wpas_dbus_getter_bss_expire_age,
+ 	  wpas_dbus_setter_bss_expire_age,
+diff --git a/wpa_supplicant/dbus/dbus_new.h b/wpa_supplicant/dbus/dbus_new.h
+index 2b0b775d3..bd0e07433 100644
+--- a/wpa_supplicant/dbus/dbus_new.h
++++ b/wpa_supplicant/dbus/dbus_new.h
+@@ -22,6 +22,7 @@ struct wps_credential;
+ 
+ enum wpas_dbus_prop {
+ 	WPAS_DBUS_PROP_AP_SCAN,
++	WPAS_DBUS_PROP_PMF,
+ 	WPAS_DBUS_PROP_SCANNING,
+ 	WPAS_DBUS_PROP_STATE,
+ 	WPAS_DBUS_PROP_CURRENT_BSS,
+diff --git a/wpa_supplicant/dbus/dbus_new_handlers.c b/wpa_supplicant/dbus/dbus_new_handlers.c
+index e36226d86..094301045 100644
+--- a/wpa_supplicant/dbus/dbus_new_handlers.c
++++ b/wpa_supplicant/dbus/dbus_new_handlers.c
+@@ -2787,6 +2787,61 @@ dbus_bool_t wpas_dbus_setter_ap_scan(
+ }
+ 
+ 
++#ifdef CONFIG_IEEE80211W
++
++/**
++ * wpas_dbus_getter_pmf - Control PMF default
++ * @iter: Pointer to incoming dbus message iter
++ * @error: Location to store error on failure
++ * @user_data: Function specific data
++ * Returns: TRUE on success, FALSE on failure
++ *
++ * Getter function for "Pmf" property.
++ */
++dbus_bool_t wpas_dbus_getter_pmf(
++	const struct wpa_dbus_property_desc *property_desc,
++	DBusMessageIter *iter, DBusError *error, void *user_data)
++{
++	struct wpa_supplicant *wpa_s = user_data;
++	dbus_uint32_t pmf = wpa_s->conf->pmf;
++
++	return wpas_dbus_simple_property_getter(iter, DBUS_TYPE_UINT32,
++						&pmf, error);
++}
++
++
++/**
++ * wpas_dbus_setter_pmf - Control PMF default
++ * @iter: Pointer to incoming dbus message iter
++ * @error: Location to store error on failure
++ * @user_data: Function specific data
++ * Returns: TRUE on success, FALSE on failure
++ *
++ * Setter function for "Pmf" property.
++ */
++dbus_bool_t wpas_dbus_setter_pmf(
++	const struct wpa_dbus_property_desc *property_desc,
++	DBusMessageIter *iter, DBusError *error, void *user_data)
++{
++	struct wpa_supplicant *wpa_s = user_data;
++	dbus_uint32_t pmf;
++
++	if (!wpas_dbus_simple_property_setter(iter, error, DBUS_TYPE_UINT32,
++					      &pmf))
++		return FALSE;
++
++	if (pmf > 2) {
++		dbus_set_error_const(error, DBUS_ERROR_FAILED,
++				     "Pmf must be 0, 1, or 2");
++		return FALSE;
++	}
++	wpa_s->conf->pmf = pmf;
++	return TRUE;
++}
++
++#endif /* CONFIG_IEEE80211W */
++
++
+ /**
+  * wpas_dbus_getter_fast_reauth - Control fast
+  * reauthentication (TLS session resumption)
+diff --git a/wpa_supplicant/dbus/dbus_new_handlers.h b/wpa_supplicant/dbus/dbus_new_handlers.h
+index fe8767a11..3b8f0966f 100644
+--- a/wpa_supplicant/dbus/dbus_new_handlers.h
++++ b/wpa_supplicant/dbus/dbus_new_handlers.h
+@@ -138,6 +138,8 @@ DECLARE_ACCESSOR(wpas_dbus_getter_state);
+ DECLARE_ACCESSOR(wpas_dbus_getter_scanning);
+ DECLARE_ACCESSOR(wpas_dbus_getter_ap_scan);
+ DECLARE_ACCESSOR(wpas_dbus_setter_ap_scan);
++DECLARE_ACCESSOR(wpas_dbus_getter_pmf);
++DECLARE_ACCESSOR(wpas_dbus_setter_pmf);
+ DECLARE_ACCESSOR(wpas_dbus_getter_fast_reauth);
+ DECLARE_ACCESSOR(wpas_dbus_setter_fast_reauth);
+ DECLARE_ACCESSOR(wpas_dbus_getter_disconnect_reason);
+-- 
+2.14.3
+
diff --git a/rh1567474-0002-D-Bus-Add-pmf-to-global-capabilities.patch b/rh1567474-0002-D-Bus-Add-pmf-to-global-capabilities.patch
new file mode 100644
index 0000000..23625e9
--- /dev/null
+++ b/rh1567474-0002-D-Bus-Add-pmf-to-global-capabilities.patch
@@ -0,0 +1,31 @@
+From 3cdb4ac074f76accf24a51d143db545afad2c90b Mon Sep 17 00:00:00 2001
+Message-Id: <3cdb4ac074f76accf24a51d143db545afad2c90b.1525963467.git.davide.caratti@gmail.com>
+From: Stijn Tintel <stijn@linux-ipv6.be>
+Date: Thu, 5 Jan 2017 16:06:33 +0100
+Subject: [PATCH] D-Bus: Add pmf to global capabilities
+
+This indicates that the wpa_supplicant binary has been compiled with PMF
+support.
+
+Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
+---
+ wpa_supplicant/dbus/dbus_new_handlers.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/wpa_supplicant/dbus/dbus_new_handlers.c b/wpa_supplicant/dbus/dbus_new_handlers.c
+index 094301045..87581c900 100644
+--- a/wpa_supplicant/dbus/dbus_new_handlers.c
++++ b/wpa_supplicant/dbus/dbus_new_handlers.c
+@@ -991,6 +991,9 @@ dbus_bool_t wpas_dbus_getter_global_capabilities(
+ #ifdef CONFIG_INTERWORKING
+ 	capabilities[num_items++] = "interworking";
+ #endif /* CONFIG_INTERWORKING */
++#ifdef CONFIG_IEEE80211W
++	capabilities[num_items++] = "pmf";
++#endif /* CONFIG_IEEE80211W */
+ 
+ 	return wpas_dbus_simple_array_property_getter(iter,
+ 						      DBUS_TYPE_STRING,
+-- 
+2.14.3
+
diff --git a/wpa_supplicant.spec b/wpa_supplicant.spec
index 3cd0de9..20eb796 100644
--- a/wpa_supplicant.spec
+++ b/wpa_supplicant.spec
@@ -7,7 +7,7 @@ Summary: WPA/WPA2/IEEE 802.1X Supplicant
 Name: wpa_supplicant
 Epoch: 1
 Version: 2.6
-Release: 14%{?dist}
+Release: 15%{?dist}
 License: BSD
 Group: System Environment/Base
 Source0: http://w1.fi/releases/%{name}-%{version}%{rcver}%{snapshot}.tar.gz
@@ -99,6 +99,10 @@ Patch58: rh1465138-openssl-Fix-openssl-1-1-private-key-callback.patch
 Patch59: rh1497640-mka-add-error-handling-for-secy_init_macsec.patch
 Patch60: rh1497640-pae-validate-input-before-pointer.patch
 
+# make PMF configurable using D-Bus (rh #1567474)
+Patch61: rh1567474-0001-D-Bus-Implement-Pmf-property.patch
+Patch62: rh1567474-0002-D-Bus-Add-pmf-to-global-capabilities.patch
+
 URL: http://w1.fi/wpa_supplicant/
 
 %if %{build_gui}
@@ -200,6 +204,8 @@ Graphical User Interface for wpa_supplicant written using QT
 %patch58 -p1 -b .rh1465138-openssl-cb
 %patch59 -p1 -b .rh1487640-mka
 %patch60 -p1 -b .rh1487640-pae
+%patch61 -p1 -b .rh1567474-pmf-0001
+%patch62 -p1 -b .rh1567474-pmf-0002
 
 %build
 pushd wpa_supplicant
@@ -297,6 +303,9 @@ chmod -R 0644 %{name}/examples/*.py
 %endif
 
 %changelog
+* Fri May 11 2018 Davide Caratti <dcaratti@redhat.com> - 1:2.6-15
+- Make PMF configurable using D-Bus (rh#1567474)
+
 * Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1:2.6-14
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild