From patchwork Wed Aug 22 16:49:04 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 960953 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=intel.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="UjZg3rkb"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 41wSWx6sCKz9s8F for ; Wed, 22 Aug 2018 23:07:57 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:MIME-Version:Cc:List-Subscribe: List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:Message-Id:Date: Subject:To:From:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Owner; bh=auFa/s6BLGDDSqauR4VZYtObaBcpYX87H2TYUN468x4=; b=UjZ g3rkboeO01ctrpwjm0QTaUAnnInFQcCmczpGdZi1jr5BP5LgkMqGD5HTPqOcL9hEchkFFE77vxVKn ItJAQDVGoaGU5lZod/VRRSlu09n3bricqAd2DdmGfmekMVPnqouxz5YQEGT5+X6XNNbucrbL69+Gz M8IRVOZ4txsfZ/9V5Fr9DxHR1rfJcKVX0j/9xtnUhWP9eotEuNFs7g9UdYY4ZsbwR0x+OhuZa6R7Q ovU2ccYYd8vPwXDvhKmxmKuZqR/x9BU3EEUzSQ+46In7vvVjmtAzct01FI5XWjlzTSSzGveijKUCk 239jW+s/BzbiPyqvc41BRReN2cGuBUA==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.90_1 #2 (Red Hat Linux)) id 1fsSrY-0005lm-5L; Wed, 22 Aug 2018 13:07:52 +0000 Received: from mga17.intel.com ([192.55.52.151]) by bombadil.infradead.org with esmtps (Exim 4.90_1 #2 (Red Hat Linux)) id 1fsSe8-0005ZY-3N for hostap@lists.infradead.org; Wed, 22 Aug 2018 12:54:01 +0000 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga107.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 22 Aug 2018 05:53:47 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.53,274,1531810800"; d="scan'208";a="226746735" Received: from unknown (HELO andrei-XPS-12-9Q33.ger.corp.intel.com) ([10.12.217.183]) by orsmga004.jf.intel.com with ESMTP; 22 Aug 2018 05:53:39 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Subject: [PATCH] OWE: Improve discovery of OWE transition mode AP Date: Wed, 22 Aug 2018 19:49:04 +0300 Message-Id: <1534956548-8088-3-git-send-email-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.7.4 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20180822_055400_274668_6B34373F X-CRM114-Status: GOOD ( 16.62 ) X-Spam-Score: 0.1 (/) X-Spam-Report: SpamAssassin version 3.4.1 on bombadil.infradead.org summary: Content analysis details: (0.1 points) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at http://www.dnswl.org/, medium trust [192.55.52.151 listed in list.dnswl.org] 2.4 DATE_IN_FUTURE_03_06 Date: is 3 to 6 hours after Received: date -0.0 SPF_PASS SPF: sender matches SPF record X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Ilan Peer MIME-Version: 1.0 Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer An OWE AP device that supports transition mode does not transmit the SSID of the OWE AP in its beacons and in addition the OWE AP does not reply to broadcast probe requests. Thus, the scan results matching relies only on beacons from the OWE open AP which can be missed in case the AP's frequency is actively scanned. To improve the discovery of transition modes AP, include their SSID in the scan command. Signed-off-by: Ilan Peer --- wpa_supplicant/scan.c | 154 ++++++++++++++++++++++++++++++++++++++------------ 1 file changed, 118 insertions(+), 36 deletions(-) diff --git a/wpa_supplicant/scan.c b/wpa_supplicant/scan.c index 104b258..05f2d7c 100644 --- a/wpa_supplicant/scan.c +++ b/wpa_supplicant/scan.c @@ -643,6 +643,93 @@ static void wpa_setband_scan_freqs(struct wpa_supplicant *wpa_s, } +static void wpa_add_scan_ssid(struct wpa_supplicant *wpa_s, + struct wpa_driver_scan_params *params, + size_t max_ssids, u8 *ssid, size_t ssid_len) +{ + unsigned int j; + + for (j = 0; j < params->num_ssids; j++) { + if (params->ssids[j].ssid_len == ssid_len && + params->ssids[j].ssid && + os_memcmp(params->ssids[j].ssid, ssid, + ssid_len) == 0) + break; + } + + if (j < params->num_ssids) + return; + + if (params->num_ssids + 1 > max_ssids) { + wpa_printf(MSG_DEBUG, + "Over max scan SSIDs for manual request"); + return; + } + + wpa_printf(MSG_DEBUG, "Scan SSID (manual request): %s", + wpa_ssid_txt(ssid, ssid_len)); + + params->ssids[params->num_ssids].ssid = ssid; + params->ssids[params->num_ssids].ssid_len = ssid_len; + params->num_ssids++; +} + + +static void wpa_add_owe_scan_ssid(struct wpa_supplicant *wpa_s, + struct wpa_driver_scan_params *params, + struct wpa_ssid *ssid, size_t max_ssids) +{ +#ifdef CONFIG_OWE + struct wpa_bss *bss; + + if (!(ssid->key_mgmt & WPA_KEY_MGMT_OWE)) + return; + + wpa_printf(MSG_DEBUG, + "OWE: look for transition mode AP. ssid=%s", + wpa_ssid_txt(ssid->ssid, ssid->ssid_len)); + + dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) { + const u8 *owe, *pos, *end; + u8 *owe_ssid; + size_t owe_ssid_len; + + if (bss->ssid_len != ssid->ssid_len || + os_memcmp(bss->ssid, ssid->ssid, ssid->ssid_len)) + continue; + + owe = wpa_bss_get_vendor_ie(bss, OWE_IE_VENDOR_TYPE); + if (!owe) + continue; + + pos = owe + 6; + end = owe + 2 + owe[1]; + + /* must include BSSID and ssid_len */ + if (end - pos < ETH_ALEN + 1) + return; + + /* skip BSSID */ + pos += ETH_ALEN; + owe_ssid_len = *pos++; + owe_ssid = (u8 *)pos; + + if ((size_t)(end - pos) < owe_ssid_len || + owe_ssid_len > SSID_MAX_LEN) + return; + + wpa_printf(MSG_DEBUG, + "OWE: scan_ssids: transition mode OWE ssid=%s", + wpa_ssid_txt(owe_ssid, owe_ssid_len)); + + wpa_add_scan_ssid(wpa_s, params, max_ssids, + owe_ssid, owe_ssid_len); + return; + } +#endif /* CONFIG_OWE */ +} + + static void wpa_set_scan_ssids(struct wpa_supplicant *wpa_s, struct wpa_driver_scan_params *params, size_t max_ssids) @@ -657,33 +744,17 @@ static void wpa_set_scan_ssids(struct wpa_supplicant *wpa_s, max_ssids = max_ssids > 1 ? max_ssids - 1 : max_ssids; for (i = 0; i < wpa_s->scan_id_count; i++) { - unsigned int j; - ssid = wpa_config_get_network(wpa_s->conf, wpa_s->scan_id[i]); - if (!ssid || !ssid->scan_ssid) + if (!ssid) continue; - - for (j = 0; j < params->num_ssids; j++) { - if (params->ssids[j].ssid_len == ssid->ssid_len && - params->ssids[j].ssid && - os_memcmp(params->ssids[j].ssid, ssid->ssid, - ssid->ssid_len) == 0) - break; - } - if (j < params->num_ssids) - continue; /* already in the list */ - - if (params->num_ssids + 1 > max_ssids) { - wpa_printf(MSG_DEBUG, - "Over max scan SSIDs for manual request"); - break; - } - - wpa_printf(MSG_DEBUG, "Scan SSID (manual request): %s", - wpa_ssid_txt(ssid->ssid, ssid->ssid_len)); - params->ssids[params->num_ssids].ssid = ssid->ssid; - params->ssids[params->num_ssids].ssid_len = ssid->ssid_len; - params->num_ssids++; + if (ssid->scan_ssid) + wpa_add_scan_ssid(wpa_s, params, max_ssids, + ssid->ssid, ssid->ssid_len); + /* + * Also add the SSID of the OWE BSS, to allow discovery of + * transition mode APs + */ + wpa_add_owe_scan_ssid(wpa_s, params, ssid, max_ssids); } wpa_s->scan_id_count = 0; @@ -938,17 +1009,28 @@ static void wpa_supplicant_scan(void *eloop_ctx, void *timeout_ctx) if (ssid == NULL && max_ssids > 1) ssid = wpa_s->conf->ssid; while (ssid) { - if (!wpas_network_disabled(wpa_s, ssid) && - ssid->scan_ssid) { - wpa_hexdump_ascii(MSG_DEBUG, "Scan SSID", - ssid->ssid, ssid->ssid_len); - params.ssids[params.num_ssids].ssid = - ssid->ssid; - params.ssids[params.num_ssids].ssid_len = - ssid->ssid_len; - params.num_ssids++; - if (params.num_ssids + 1 >= max_ssids) - break; + if (!wpas_network_disabled(wpa_s, ssid)) { + if (ssid->scan_ssid) { + wpa_hexdump_ascii(MSG_DEBUG, + "Scan SSID", + ssid->ssid, + ssid->ssid_len); + params.ssids[params.num_ssids].ssid = + ssid->ssid; + params.ssids[params.num_ssids].ssid_len = + ssid->ssid_len; + params.num_ssids++; + + if (params.num_ssids + 1 >= max_ssids) + break; + } + + /* + * Also add the SSID of the OWE BSS, to allow + * discovery of transition mode APs + */ + wpa_add_owe_scan_ssid(wpa_s, ¶ms, ssid, + max_ssids); } ssid = ssid->next; if (ssid == start)