From patchwork Sun Mar 31 19:56:41 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: David Bauer X-Patchwork-Id: 1918311 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=LSQPH2xA; dkim=fail reason="signature verification failed" (4096-bit key; secure) header.d=david-bauer.net header.i=@david-bauer.net header.a=rsa-sha256 header.s=uberspace header.b=Taz+tRE4; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=patchwork.ozlabs.org) Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4V74gg6mTwz1yYH for ; Mon, 1 Apr 2024 06:57:51 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:To:From:Reply-To:Cc:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=vwoATl1sOkTWmfaCM8VKuwtZf8tK6ld/wEwmL03mork=; b=LSQPH2xAr4zRyI boWtA6sxZ3H6IrcQK387H/wv42dB2Qho70oWrJW/e5xaSIrq5dEf7BDLw2cysZLfzLXZiFjNtvUWH emllFMsQhPjroRimAOytp3VJgg1bGnCwNc6j0XE4VXebBgNCek+ZNg/BVLrbex8i4ia73jcGVTJEb NgSREO45D17x+0I58SmO2mDxjGsgt3oh/Q6RyxlDaIftw3InJx41MDME1cefPJBySVtaUYvkFs1JT DSG6MJ0vNJt2ijTUtETIG3JoH7cgZl4nFFsdRFIecsC2WauXRVljlvzVPyLpvE0y0EnpHkuxJdYDD TKzkQm1EfhtxGJnrBx2w==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1rr1Is-00000006Cuz-2IKH; Sun, 31 Mar 2024 19:57:19 +0000 Received: from perseus.uberspace.de ([95.143.172.134]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1rr1Ii-00000006CsL-3lnV for hostap@lists.infradead.org; Sun, 31 Mar 2024 19:57:12 +0000 Received: (qmail 22522 invoked by uid 988); 31 Mar 2024 19:56:51 -0000 Authentication-Results: perseus.uberspace.de; auth=pass (plain) Received: from unknown (HELO unkown) (::1) by perseus.uberspace.de (Haraka/3.0.1) with ESMTPSA; Sun, 31 Mar 2024 21:56:51 +0200 From: David Bauer To: hostap@lists.infradead.org Subject: [PATCH 2/4] ctrl: enable roaming between OWE APs Date: Sun, 31 Mar 2024 21:56:41 +0200 Message-ID: <20240331195643.47587-2-mail@david-bauer.net> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240331195643.47587-1-mail@david-bauer.net> References: <20240331195643.47587-1-mail@david-bauer.net> MIME-Version: 1.0 X-Rspamd-Bar: - X-Rspamd-Report: MID_CONTAINS_FROM(1) BAYES_HAM(-3) MIME_GOOD(-0.1) R_MISSING_CHARSET(0.5) X-Rspamd-Score: -1.6 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=david-bauer.net; s=uberspace; h=from:to:subject:date; bh=HkVjrEm7cs8iuyUc5J6hesCFyItNjo3eD4uMw8rZGKo=; b=Taz+tRE4MVJY/dt23Vk23t2k1OpVWsEd4Jx8KgQAkZHe9TlTQ6jHJ2AmggcUL6BjdQTHPpksQl 1pcT5lWWV1AxFXoo/NpYApNVvIkWVEkh6YzFy5PVLu0THHVTqF+mBLzm8H+rGRrO1ymL5g8OFC1R 8LFlDcHf+qLMq5c/KZ8Q9zcSvNpDQTSq+K/yNBs5wpHE8RPoZAykr3A+6SHu50ec6zCNad7Ju1Fn 0PrzUuZ/CIyEKkwOAH6icn30ejc2JokVkPuGALJW47mjkn1NhNSd7O9FbTbpCqMtDThFBHN0KnYt 7tQhK4MWkek0D+Z1GutYzRriwUu/IcuWxJOWvfgpmCX4NLOii3ACR3Hg3I5BhkZbUq9qv8YDj/St 0IVk/6fueaEFgtgEgkjrUDdhgxSZkNNxBgxk0fvqnJHOUVAVq+DiiyhJXKNWlLB+1bLAzHG9iPJe tJ4H1MrjORU7xUNxY9vvap5mvA/zU/GDbj6eXQyG7+GAnI6A6dIbW+rwAp3R8DGdEyV1e62e7Kpa hUYjJxLtkAk6JGj6G9A4rIsJ69ZTyogPHyKLsMrcUXanIr/u+9/0ANg5gGd9NChS1J+vTkgR6Sq9 6u/Sk3o9rKnD4cxoRFEmzytbQbYOVFAWn50R6Vbo2AGaIS/8eVSuRhcjF0K1YhAReXN92jN+OpYV A= X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240331_125709_558517_A7646D20 X-CRM114-Status: GOOD ( 15.41 ) X-Spam-Score: -0.9 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: This allows to use the roam command with wpa_cli to force roaming on a transition network. Previously, this was not possible, as the open SSID is stored for the connection profile. Add a new function [...] Content analysis details: (-0.9 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [95.143.172.134 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -0.0 SPF_HELO_PASS SPF: HELO matches SPF record -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org This allows to use the roam command with wpa_cli to force roaming on a transition network. Previously, this was not possible, as the open SSID is stored for the connection profile. Add a new function to also return OWE transition networks if the profile SSID is set as the transition-ssid for the OWE RSN network. Signed-off-by: David Bauer --- wpa_supplicant/bss.c | 43 +++++++++++++++++++++++++++++++++++++ wpa_supplicant/bss.h | 2 ++ wpa_supplicant/ctrl_iface.c | 2 +- 3 files changed, 46 insertions(+), 1 deletion(-) diff --git a/wpa_supplicant/bss.c b/wpa_supplicant/bss.c index c213d15ad..85eb6e431 100644 --- a/wpa_supplicant/bss.c +++ b/wpa_supplicant/bss.c @@ -273,6 +273,49 @@ struct wpa_bss * wpa_bss_get(struct wpa_supplicant *wpa_s, const u8 *bssid, return NULL; } +/** + * wpa_bss_get_connection - Fetch a BSS table entry based on BSSID and SSID. + * This function is similar to wpa_bss_get() but it will also return OWE-TM + * encrypted networks which transition-element matches @ssid. + * @wpa_s: Pointer to wpa_supplicant data + * @bssid: BSSID, or %NULL to match any BSSID + * @ssid: SSID + * @ssid_len: Length of @ssid + * Returns: Pointer to the BSS entry or %NULL if not found + */ +struct wpa_bss * wpa_bss_get_connection(struct wpa_supplicant *wpa_s, const u8 *bssid, + const u8 *ssid, size_t ssid_len) +{ + struct wpa_bss *bss; + const u8 *owe, *owe_bssid, *owe_ssid; + size_t owe_ssid_len; + + if (bssid && !wpa_supplicant_filter_bssid_match(wpa_s, bssid)) + return NULL; + dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) { + if (bssid && os_memcmp(bss->bssid, bssid, ETH_ALEN) != 0) + continue; + + if (bss->ssid_len == ssid_len && + os_memcmp(bss->ssid, ssid, ssid_len) == 0) + return bss; + + /* Check if OWE-TM element is present and matches the SSID */ + owe = wpa_bss_get_vendor_ie(bss, OWE_IE_VENDOR_TYPE); + if (!owe) + continue; + + if (wpa_bss_get_owe_trans_network(wpa_s, owe, &owe_bssid, &owe_ssid, + &owe_ssid_len)) + continue; + + if (owe_ssid_len == ssid_len && + os_memcmp(owe_ssid, ssid, ssid_len) == 0) + return bss; + } + return NULL; +} + void calculate_update_time(const struct os_reltime *fetch_time, unsigned int age_ms, diff --git a/wpa_supplicant/bss.h b/wpa_supplicant/bss.h index 8acedbce7..fa72d7406 100644 --- a/wpa_supplicant/bss.h +++ b/wpa_supplicant/bss.h @@ -165,6 +165,8 @@ void wpa_bss_flush(struct wpa_supplicant *wpa_s); void wpa_bss_flush_by_age(struct wpa_supplicant *wpa_s, int age); struct wpa_bss * wpa_bss_get(struct wpa_supplicant *wpa_s, const u8 *bssid, const u8 *ssid, size_t ssid_len); +struct wpa_bss * wpa_bss_get_connection(struct wpa_supplicant *wpa_s, const u8 *bssid, + const u8 *ssid, size_t ssid_len); struct wpa_bss * wpa_bss_get_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid); struct wpa_bss * wpa_bss_get_bssid_latest(struct wpa_supplicant *wpa_s, diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c index d0fda4cd9..ebe212cd7 100644 --- a/wpa_supplicant/ctrl_iface.c +++ b/wpa_supplicant/ctrl_iface.c @@ -6011,7 +6011,7 @@ static int wpa_supplicant_ctrl_iface_roam(struct wpa_supplicant *wpa_s, return -1; } - bss = wpa_bss_get(wpa_s, bssid, ssid->ssid, ssid->ssid_len); + bss = wpa_bss_get_connection(wpa_s, bssid, ssid->ssid, ssid->ssid_len); if (!bss) { wpa_printf(MSG_DEBUG, "CTRL_IFACE ROAM: Target AP not found " "from BSS table");