From patchwork Sun Apr 28 13:13:40 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: David Bauer X-Patchwork-Id: 1928655 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=ruKX8cIX; dkim=fail reason="signature verification failed" (4096-bit key; secure) header.d=david-bauer.net header.i=@david-bauer.net header.a=rsa-sha256 header.s=uberspace header.b=ffZRzK6n; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=patchwork.ozlabs.org) Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4VS6Pl5073z23ny for ; Sun, 28 Apr 2024 23:14:50 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:To:From:Reply-To:Cc:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=JnRIECJzvt42ddchCBJqOdGqp8pc6wmya3Qy2BJF/Vs=; b=ruKX8cIX/cYF1k lFPVvw5noAKowuua62NVf8fWUOmfcBu8gkbnyWfxcRBN68tjNNQVzbIl8iJolhvALDHBOtuPvn1lD naobHAqP7K2nDwEK6RM33JYMpVX3KRKOJ31RDaqIllvighoIEfO5gUc/LjAvCZk5UYbd4r6BKAkal c9yFLvYdkpI2Z7zdnmnSzQLZqM7gu61Az/f3SXKpsad+V+hMTZABFVEDz242ceXbVuiKiczIHFoUi MI7b4V9qLqxSq+Lp00GcW0aG9TcmzXg3hrfHAYyDTK0oOO8fvhhRAU09BNU9U92aTaAGjF1ISwS2S wnE2isiHMER6IpCqPZlw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1s14MM-000000000MA-1zwF; Sun, 28 Apr 2024 13:14:26 +0000 Received: from perseus.uberspace.de ([95.143.172.134]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1s14M4-000000000Df-3C0L for hostap@lists.infradead.org; Sun, 28 Apr 2024 13:14:15 +0000 Received: (qmail 7403 invoked by uid 988); 28 Apr 2024 13:13:58 -0000 Authentication-Results: perseus.uberspace.de; auth=pass (plain) Received: from unknown (HELO unkown) (::1) by perseus.uberspace.de (Haraka/3.0.1) with ESMTPSA; Sun, 28 Apr 2024 15:13:58 +0200 From: David Bauer To: hostap@lists.infradead.org Subject: [PATCH v2 1/5] wpa_supplicant: reduce OWE transition network code duplication Date: Sun, 28 Apr 2024 15:13:40 +0200 Message-ID: <20240428131344.334314-2-mail@david-bauer.net> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240428131344.334314-1-mail@david-bauer.net> References: <20240428131344.334314-1-mail@david-bauer.net> MIME-Version: 1.0 X-Rspamd-Bar: - X-Rspamd-Report: MID_CONTAINS_FROM(1) BAYES_HAM(-3) MIME_GOOD(-0.1) R_MISSING_CHARSET(0.5) X-Rspamd-Score: -1.6 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=david-bauer.net; s=uberspace; h=from:to:subject:date; bh=TwbmpkIhY4hslfUe+/ZXKr6wL+HFsFQJvmEkzB0VGxU=; b=ffZRzK6nV+aqRGbVuM3rNJf62QpMfSBtz6cjRQu2ImMROW9D5KHM1AeimtWYbVjuAKA89cg+Zk PzW4GoCOOmzsviofPt2V/UAwDh2oADIvRLx5XQkKt1iKlVjX7tT8nXzlSxY+GposwVPyvv1REbTR QcdHf3EauJrkUdfYHDlSDIB57yXPZBqYnMtlmZzNI0zKRT730BX3CQNr61JMI7wTaIPWtvQBS52b 1K1oGhpi5th5yiE7rekejZPRuImIXgjnQpk/uJ/s0YL+PO2mGcVhC7sabX4y86LYyTXHsMDhv9v+ Z1qnPF667lclIBh8CRmnO/HFvoWUjKctdotyUK74Na8V5SWH4zn9Z4qD2mwdSQrGOyhxNV4wKW0b prPZK+nMo5KlWazHu+dk8VEwo7z0YGiUtr5swSAsus2DqK52uRt+NrPrW3UJU6TgehPWxXdANM2u QTO2LbkIWb5nnT0zTi3JZiLsavuZGiSonQD9Nt0yD7TD5Iu0dv5uYAszL/4CZay5N+SIrDelyJBK +jqm4rwmi5JNgQLFLj8b+32+v9QHqECHms2pKHD179F+iZjWCE0iTjEJUUdgXUeblk4Z9tYrYIzL SIYTcjEMe3KK2ET+dUpZB/IlumVGnrR2PncoKYSKbbUMW/4F/u1VMwYDZtR1TwHlsRfxyplfDomb A= X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240428_061409_524421_5DFD3C3A X-CRM114-Status: GOOD ( 16.51 ) X-Spam-Score: -0.9 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Reduce the code-duplication for methods handling the OWE transition mode. This is required for adding bgscan support for transition networks. Signed-off-by: David Bauer --- wpa_supplicant/bss.c | 30 ++++++++++++++++++++++++++++++ wpa_supplicant/bss.h | 2 ++ wpa_supplicant/events.c | 21 +++++ wpa_suppli [...] Content analysis details: (-0.9 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [95.143.172.134 listed in list.dnswl.org] -0.0 SPF_HELO_PASS SPF: HELO matches SPF record -0.0 SPF_PASS SPF: sender matches SPF record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Reduce the code-duplication for methods handling the OWE transition mode. This is required for adding bgscan support for transition networks. Signed-off-by: David Bauer --- wpa_supplicant/bss.c | 30 ++++++++++++++++++++++++++++++ wpa_supplicant/bss.h | 2 ++ wpa_supplicant/events.c | 21 +++++---------------- wpa_supplicant/scan.c | 20 +++----------------- wpa_supplicant/wpa_supplicant.c | 17 +++++------------ 5 files changed, 45 insertions(+), 45 deletions(-) diff --git a/wpa_supplicant/bss.c b/wpa_supplicant/bss.c index 289035310..c213d15ad 100644 --- a/wpa_supplicant/bss.c +++ b/wpa_supplicant/bss.c @@ -817,6 +817,36 @@ void wpa_bss_update_start(struct wpa_supplicant *wpa_s) wpa_s->last_scan_res_used = 0; } +int wpa_bss_get_owe_trans_network(struct wpa_supplicant *wpa_s, const u8 *owe_ie, + const u8 **bssid, const u8 **ssid, size_t *ssid_len) +{ +#ifdef CONFIG_OWE + const u8 *pos, *end; + u8 ssid_len_tmp; + + if (!owe_ie) + return 1; + + pos = owe_ie + 6; + end = owe_ie + 2 + owe_ie[1]; + + if (end - pos < ETH_ALEN + 1) + return 1; + *bssid = pos; + pos += ETH_ALEN; + ssid_len_tmp = *pos++; + if (end - pos < ssid_len_tmp || ssid_len_tmp > SSID_MAX_LEN) + return 1; + + *ssid = pos; + *ssid_len = ssid_len_tmp; + + return 0; +#else /* CONFIG_OWE */ + return 1; +#endif /* CONFIG_OWE */ +} + /** * wpa_bss_update_scan_res - Update a BSS table entry based on a scan result diff --git a/wpa_supplicant/bss.h b/wpa_supplicant/bss.h index cc0496324..8acedbce7 100644 --- a/wpa_supplicant/bss.h +++ b/wpa_supplicant/bss.h @@ -185,6 +185,8 @@ struct wpabuf * wpa_bss_get_vendor_ie_multi_beacon(const struct wpa_bss *bss, u32 vendor_type); int wpa_bss_get_max_rate(const struct wpa_bss *bss); int wpa_bss_get_bit_rates(const struct wpa_bss *bss, u8 **rates); +int wpa_bss_get_owe_trans_network(struct wpa_supplicant *wpa_s, const u8 *owe_ie, + const u8 **bssid, const u8 **ssid, size_t *ssid_len); struct wpa_bss_anqp * wpa_bss_anqp_alloc(void); int wpa_bss_anqp_unshare_alloc(struct wpa_bss *bss); const u8 * wpa_bss_get_fils_cache_id(const struct wpa_bss *bss); diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c index 8dc618e5c..abeaefff1 100644 --- a/wpa_supplicant/events.c +++ b/wpa_supplicant/events.c @@ -1108,30 +1108,19 @@ static void owe_trans_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *bss, const u8 **ret_ssid, size_t *ret_ssid_len) { #ifdef CONFIG_OWE - const u8 *owe, *pos, *end, *bssid; - u8 ssid_len; + const u8 *owe, *bssid; owe = wpa_bss_get_vendor_ie(bss, OWE_IE_VENDOR_TYPE); if (!owe || !wpa_bss_get_ie(bss, WLAN_EID_RSN)) return; - pos = owe + 6; - end = owe + 2 + owe[1]; - - if (end - pos < ETH_ALEN + 1) - return; - bssid = pos; - pos += ETH_ALEN; - ssid_len = *pos++; - if (end - pos < ssid_len || ssid_len > SSID_MAX_LEN) + if (wpa_bss_get_owe_trans_network(wpa_s, owe, &bssid, ret_ssid, ret_ssid_len)) return; /* Match the profile SSID against the OWE transition mode SSID on the * open network. */ wpa_dbg(wpa_s, MSG_DEBUG, "OWE: transition mode BSSID: " MACSTR - " SSID: %s", MAC2STR(bssid), wpa_ssid_txt(pos, ssid_len)); - *ret_ssid = pos; - *ret_ssid_len = ssid_len; + " SSID: %s", MAC2STR(bssid), wpa_ssid_txt(*ret_ssid, *ret_ssid_len)); if (!(bss->flags & WPA_BSS_OWE_TRANSITION)) { struct wpa_ssid *ssid; @@ -1139,8 +1128,8 @@ static void owe_trans_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *bss, for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) { if (wpas_network_disabled(wpa_s, ssid)) continue; - if (ssid->ssid_len == ssid_len && - os_memcmp(ssid->ssid, pos, ssid_len) == 0) { + if (ssid->ssid_len == *ret_ssid_len && + os_memcmp(ssid->ssid, ret_ssid, *ret_ssid_len) == 0) { /* OWE BSS in transition mode for a currently * enabled OWE network. */ wpa_dbg(wpa_s, MSG_DEBUG, diff --git a/wpa_supplicant/scan.c b/wpa_supplicant/scan.c index 8b59e409b..52fe89746 100644 --- a/wpa_supplicant/scan.c +++ b/wpa_supplicant/scan.c @@ -954,8 +954,7 @@ static void wpa_add_owe_scan_ssid(struct wpa_supplicant *wpa_s, wpa_ssid_txt(ssid->ssid, ssid->ssid_len)); dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) { - const u8 *owe, *pos, *end; - const u8 *owe_ssid; + const u8 *owe, *owe_bssid, *owe_ssid; size_t owe_ssid_len; if (bss->ssid_len != ssid->ssid_len || @@ -966,21 +965,8 @@ static void wpa_add_owe_scan_ssid(struct wpa_supplicant *wpa_s, if (!owe || owe[1] < 4) continue; - pos = owe + 6; - end = owe + 2 + owe[1]; - - /* Must include BSSID and ssid_len */ - if (end - pos < ETH_ALEN + 1) - return; - - /* Skip BSSID */ - pos += ETH_ALEN; - owe_ssid_len = *pos++; - owe_ssid = pos; - - if ((size_t) (end - pos) < owe_ssid_len || - owe_ssid_len > SSID_MAX_LEN) - return; + if (wpa_bss_get_owe_trans_network(wpa_s, owe, &owe_bssid, &owe_ssid, &owe_ssid_len)) + continue; wpa_printf(MSG_DEBUG, "OWE: scan_ssids: transition mode OWE ssid=%s", diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c index eeb667515..06161a6dc 100644 --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c @@ -5276,8 +5276,8 @@ int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level, static int owe_trans_ssid_match(struct wpa_supplicant *wpa_s, const u8 *bssid, const u8 *entry_ssid, size_t entry_ssid_len) { - const u8 *owe, *pos, *end; - u8 ssid_len; + const u8 *owe, *owe_bssid, *owe_ssid; + size_t owe_ssid_len; struct wpa_bss *bss; /* Check network profile SSID aganst the SSID in the @@ -5291,18 +5291,11 @@ static int owe_trans_ssid_match(struct wpa_supplicant *wpa_s, const u8 *bssid, if (!owe) return 0; - pos = owe + 6; - end = owe + 2 + owe[1]; - - if (end - pos < ETH_ALEN + 1) - return 0; - pos += ETH_ALEN; - ssid_len = *pos++; - if (end - pos < ssid_len || ssid_len > SSID_MAX_LEN) + if (wpa_bss_get_owe_trans_network(wpa_s, owe, &owe_bssid, &owe_ssid, &owe_ssid_len)) return 0; - return entry_ssid_len == ssid_len && - os_memcmp(pos, entry_ssid, ssid_len) == 0; + return entry_ssid_len == owe_ssid_len && + os_memcmp(owe_ssid, entry_ssid, owe_ssid_len) == 0; } #endif /* CONFIG_OWE */ From patchwork Sun Apr 28 13:13:41 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: David Bauer X-Patchwork-Id: 1928657 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=HEvb0dd3; dkim=fail reason="signature verification failed" (4096-bit key; secure) header.d=david-bauer.net header.i=@david-bauer.net header.a=rsa-sha256 header.s=uberspace header.b=vzmuvqY3; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=patchwork.ozlabs.org) Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4VS6Pl54jbz23tD for ; Sun, 28 Apr 2024 23:14:50 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:To:From:Reply-To:Cc:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=uLSTk11vVBUAzULx64skZnwdyN9ndut4OWULJ9ei1KU=; b=HEvb0dd3kMrBDW ZY8pioa2G9+r/1f80yF9mzzBTW5gmCz4pJJe4KK5K9NaQf2MW0DLVzO+QsrGQLlX0IExWTAoCrQCG 43fZlNpAXNoAP8BnwYCHU8qk9JeMvh+8l9MzclSab3Z+gQhZ3GKSBn5MxCx+Hx4MUm/T+MeTaX6TF 6np1pWP00VNB8pAmPSaUO5r8W+KENhLypxK8TOS7bkopX1rGQyN02LxogV6vmhTbYImTqZ/g1LEYy eb79C4DEnna7ucDj7VUcOjl8Y/nQcW7OBwLTMA7ANYzEh3P7nJMeqIRqkIv++/bDAoVawodzJ33aY 5o3Y4fs65XyNQRs4kuDg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1s14MJ-000000000LR-2ode; Sun, 28 Apr 2024 13:14:23 +0000 Received: from perseus.uberspace.de ([95.143.172.134]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1s14M4-000000000Di-3ByH for hostap@lists.infradead.org; Sun, 28 Apr 2024 13:14:14 +0000 Received: (qmail 7406 invoked by uid 988); 28 Apr 2024 13:13:59 -0000 Authentication-Results: perseus.uberspace.de; auth=pass (plain) Received: from unknown (HELO unkown) (::1) by perseus.uberspace.de (Haraka/3.0.1) with ESMTPSA; Sun, 28 Apr 2024 15:13:59 +0200 From: David Bauer To: hostap@lists.infradead.org Subject: [PATCH v2 2/5] ctrl: enable roaming between OWE APs Date: Sun, 28 Apr 2024 15:13:41 +0200 Message-ID: <20240428131344.334314-3-mail@david-bauer.net> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240428131344.334314-1-mail@david-bauer.net> References: <20240428131344.334314-1-mail@david-bauer.net> MIME-Version: 1.0 X-Rspamd-Bar: - X-Rspamd-Report: MID_CONTAINS_FROM(1) BAYES_HAM(-3) MIME_GOOD(-0.1) R_MISSING_CHARSET(0.5) X-Rspamd-Score: -1.6 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=david-bauer.net; s=uberspace; h=from:to:subject:date; bh=EVLomd57g/+bXM4h9qRFLJalOz3hOWbgkXO/JW27FJc=; b=vzmuvqY3sFM73x3osYCe+xaWNU9zllhLo6gJAAlGHmymvt/gp+lXVz+tlTp3WovzHpwZMa7Y2D sI4LSvmAqKvecCqu+aasGMmAYzr8yBnCqfXTyY+sk4Oi70Kasg40rkUrpWyXxT9kBL90udeEe5f+ ff1DzELd1JMzaIhU0R/VJfQ/BIq4SWWkf7FD0U6dBGUO2dAgv36jcOkO0Q04rYdcH4MxjuteC1XB vw9lsYUOKEuutqLUNKu7aIJsWPrsgnw2rf9+LD+ipXmwjtEfTZTmf+UpF+9KsrVM9hsD9IOlwFEx fk0Gd/piZJLaSWtX7Ur2acucz7k9ArhlZSV99yQOHhNKxWXZfBqDRERbO+gajb85aBozIH9Drsi8 N7kPUpp+bYUOt4Zr+DMRMws3myYTr2MKkxRgePgAfHV0dx2LXbmwLwxqrL/nUeXDfKreZlom8mhP u8v9Sfp6GUAuhwHS8KIXluT+7W25gceTppx4Di7fcDI1NI7ETKbsBssT9NSPS7bZh7OjXSZCGNBC 39q4BAU7Q2HIUoPkuQEhU+04wikJecCATXC3G0YJa1cnGG5eTNLpb64cPEzfm+98iyWNxU/HxvAe JPCe+clIVQLnAFs8NfzuLJ9H4QvhPFAe+FDV9B4ABdq94Qde/4NleKYn0ToAgIrjCekOuVYCpFBE 4= X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240428_061409_537174_62637ACF X-CRM114-Status: GOOD ( 15.29 ) X-Spam-Score: -0.9 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: This allows to use the roam command with wpa_cli to force roaming on a transition network. Previously, this was not possible, as the open SSID is stored for the connection profile. Add a new function [...] Content analysis details: (-0.9 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [95.143.172.134 listed in list.dnswl.org] -0.0 SPF_HELO_PASS SPF: HELO matches SPF record -0.0 SPF_PASS SPF: sender matches SPF record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org This allows to use the roam command with wpa_cli to force roaming on a transition network. Previously, this was not possible, as the open SSID is stored for the connection profile. Add a new function to also return OWE transition networks if the profile SSID is set as the transition-ssid for the OWE RSN network. Signed-off-by: David Bauer --- wpa_supplicant/bss.c | 47 +++++++++++++++++++++++++++++++++++++ wpa_supplicant/bss.h | 2 ++ wpa_supplicant/ctrl_iface.c | 2 +- 3 files changed, 50 insertions(+), 1 deletion(-) diff --git a/wpa_supplicant/bss.c b/wpa_supplicant/bss.c index c213d15ad..e528af280 100644 --- a/wpa_supplicant/bss.c +++ b/wpa_supplicant/bss.c @@ -273,6 +273,53 @@ struct wpa_bss * wpa_bss_get(struct wpa_supplicant *wpa_s, const u8 *bssid, return NULL; } +/** + * wpa_bss_get_connection - Fetch a BSS table entry based on BSSID and SSID. + * This function is similar to wpa_bss_get() but it will also return OWE-TM + * encrypted networks which transition-element matches @ssid. + * @wpa_s: Pointer to wpa_supplicant data + * @bssid: BSSID, or %NULL to match any BSSID + * @ssid: SSID + * @ssid_len: Length of @ssid + * Returns: Pointer to the BSS entry or %NULL if not found + */ +struct wpa_bss * wpa_bss_get_connection(struct wpa_supplicant *wpa_s, const u8 *bssid, + const u8 *ssid, size_t ssid_len) +{ + struct wpa_bss *bss; +#ifdef CONFIG_OWE + const u8 *owe, *owe_bssid, *owe_ssid; + size_t owe_ssid_len; +#endif /* CONFIG_OWE */ + + if (bssid && !wpa_supplicant_filter_bssid_match(wpa_s, bssid)) + return NULL; + dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) { + if (bssid && os_memcmp(bss->bssid, bssid, ETH_ALEN) != 0) + continue; + + if (bss->ssid_len == ssid_len && + os_memcmp(bss->ssid, ssid, ssid_len) == 0) + return bss; + +#ifdef CONFIG_OWE + /* Check if OWE-TM element is present and matches the SSID */ + owe = wpa_bss_get_vendor_ie(bss, OWE_IE_VENDOR_TYPE); + if (!owe) + continue; + + if (wpa_bss_get_owe_trans_network(wpa_s, owe, &owe_bssid, &owe_ssid, + &owe_ssid_len)) + continue; + + if (owe_ssid_len == ssid_len && + os_memcmp(owe_ssid, ssid, ssid_len) == 0) + return bss; +#endif /* CONFIG_OWE */ + } + return NULL; +} + void calculate_update_time(const struct os_reltime *fetch_time, unsigned int age_ms, diff --git a/wpa_supplicant/bss.h b/wpa_supplicant/bss.h index 8acedbce7..fa72d7406 100644 --- a/wpa_supplicant/bss.h +++ b/wpa_supplicant/bss.h @@ -165,6 +165,8 @@ void wpa_bss_flush(struct wpa_supplicant *wpa_s); void wpa_bss_flush_by_age(struct wpa_supplicant *wpa_s, int age); struct wpa_bss * wpa_bss_get(struct wpa_supplicant *wpa_s, const u8 *bssid, const u8 *ssid, size_t ssid_len); +struct wpa_bss * wpa_bss_get_connection(struct wpa_supplicant *wpa_s, const u8 *bssid, + const u8 *ssid, size_t ssid_len); struct wpa_bss * wpa_bss_get_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid); struct wpa_bss * wpa_bss_get_bssid_latest(struct wpa_supplicant *wpa_s, diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c index bc013ad99..b5cf16650 100644 --- a/wpa_supplicant/ctrl_iface.c +++ b/wpa_supplicant/ctrl_iface.c @@ -6011,7 +6011,7 @@ static int wpa_supplicant_ctrl_iface_roam(struct wpa_supplicant *wpa_s, return -1; } - bss = wpa_bss_get(wpa_s, bssid, ssid->ssid, ssid->ssid_len); + bss = wpa_bss_get_connection(wpa_s, bssid, ssid->ssid, ssid->ssid_len); if (!bss) { wpa_printf(MSG_DEBUG, "CTRL_IFACE ROAM: Target AP not found " "from BSS table"); From patchwork Sun Apr 28 13:13:42 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: David Bauer X-Patchwork-Id: 1928654 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=vv9j8Tkb; dkim=fail reason="signature verification failed" (4096-bit key; secure) header.d=david-bauer.net header.i=@david-bauer.net header.a=rsa-sha256 header.s=uberspace header.b=ybfXWWzf; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=patchwork.ozlabs.org) Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4VS6Pl6S00z23tF for ; Sun, 28 Apr 2024 23:14:50 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:To:From:Reply-To:Cc:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=stAefcpnFvmveS5X+P/Tm6tOflCs4QQPs8kTIujW/6k=; b=vv9j8TkbNTql0n cZrrlw0xoPMmePWINJUGDL4mJOSD6BHQqapO33OZMxC5Gi90jFkyGXjJXeXGPMLOxvpDJ59V0R3sV kzKl+TBEBdFs+B9+br2J7S2UMJ6UXqrg8tRGWvv/zGPDIp1IdQzhSzwwC/9ZEFb1BL1XDJNrL1AEF QFBid9zGdEYEp5EGkFGdlB3ISNOAx7GykUf62nlHrs3y0/Yklo/B2XS+SrkPXOeJhEL8is8hdMueZ 76ORMSVeQuEUAgH1rvwyhX20+tMprnoDsS7M4FnS8vpGgjIoiKsYIZj9PBu71143KMFcwWffZrzz7 jzQ7JPCSHBUY0MEfCUZw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1s14ML-000000000Ll-0t0N; Sun, 28 Apr 2024 13:14:25 +0000 Received: from perseus.uberspace.de ([95.143.172.134]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1s14M4-000000000Dk-3nW9 for hostap@lists.infradead.org; Sun, 28 Apr 2024 13:14:13 +0000 Received: (qmail 7408 invoked by uid 988); 28 Apr 2024 13:13:59 -0000 Authentication-Results: perseus.uberspace.de; auth=pass (plain) Received: from unknown (HELO unkown) (::1) by perseus.uberspace.de (Haraka/3.0.1) with ESMTPSA; Sun, 28 Apr 2024 15:13:59 +0200 From: David Bauer To: hostap@lists.infradead.org Subject: [PATCH v2 3/5] bss: don't add hidden OWE transition-networks to scan-list Date: Sun, 28 Apr 2024 15:13:42 +0200 Message-ID: <20240428131344.334314-4-mail@david-bauer.net> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240428131344.334314-1-mail@david-bauer.net> References: <20240428131344.334314-1-mail@david-bauer.net> MIME-Version: 1.0 X-Rspamd-Bar: - X-Rspamd-Report: MID_CONTAINS_FROM(1) BAYES_HAM(-3) MIME_GOOD(-0.1) R_MISSING_CHARSET(0.5) X-Rspamd-Score: -1.6 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=david-bauer.net; s=uberspace; h=from:to:subject:date; bh=yMQAqJ+WvmiAYG3mR+eaPiUugCiCj+bzw5ceyLZLhmY=; b=ybfXWWzfyrDl+69ssyya5OxULF1OQ27fiZg+p66ez1Q99Qs3Y0JCeBBvHalqwRjArIocVsPnf+ 0yHR+ZiOLETdkLICW0ajuln1pbFWl0h2rPbxnZZgnjUEOTohxPQSSThIBBFkE3Tu/Uk+CP5yPBur o7aIQLbF94ac4VcQNoM2oYagEm1ryk1DIwzpTwSOhLn5pXvUkZvlg2bn4Je3s2c/UEUaZq/6qe+6 /YkvJRx0zv5y0R02tmM2cUrk9OlIFf25h6semHuAI5Om0cCKjeAfK+R0E7ffCB0hGXmVZSTxl41f gwRdMFhSYyB65n/iraSGsKYBIGxsc2EJmuhnQzU4QlpVO+31ZlgHYUWkvdomLJKzIluUp1AhRefQ 7VfT6nrJiO5+4uM8Yu6bvh7KigUqmERz5zx0dMLWGkdoGh0229sdTr9uu7sXee+EaJyltXKBN4VL 1MS8fI6zdNZJQPQNV7E1qTWFxtXVo1NF3dPX5PTK5D35CzPu1/m5scqp8iDJCSD6Z4/nuQKmTvFe UKGlCp2gGfnz5gFffQa4tq52Hcx9gBQN+il/269FWQ3bVWx20mq6xvKazGUDt8rX1H4RJvyPIYPL +1pfiX+l00qvqC2z1eSey5f3szJY5sOJGiFMysXJ/CcwXMWo/GkEFlafrUTdzH1flCGRXRxRwsde o= X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240428_061409_556597_54D3507C X-CRM114-Status: UNSURE ( 9.52 ) X-CRM114-Notice: Please train this message. X-Spam-Score: -0.9 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: When adding these networks hidden, they get re-added for the same BSSID when scanning for the transition-SSID. Skip adding the OWE-SSIDs in case the SSID was not explicitly scanned for. Signed-off-by: David Bauer --- wpa_supplicant/bss.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) Content analysis details: (-0.9 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [95.143.172.134 listed in list.dnswl.org] -0.0 SPF_HELO_PASS SPF: HELO matches SPF record -0.0 SPF_PASS SPF: sender matches SPF record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org When adding these networks hidden, they get re-added for the same BSSID when scanning for the transition-SSID. Skip adding the OWE-SSIDs in case the SSID was not explicitly scanned for. Signed-off-by: David Bauer --- wpa_supplicant/bss.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/wpa_supplicant/bss.c b/wpa_supplicant/bss.c index e528af280..b9bf06c45 100644 --- a/wpa_supplicant/bss.c +++ b/wpa_supplicant/bss.c @@ -909,7 +909,7 @@ void wpa_bss_update_scan_res(struct wpa_supplicant *wpa_s, struct wpa_scan_res *res, struct os_reltime *fetch_time) { - const u8 *ssid, *p2p, *mesh; + const u8 *ssid, *p2p, *mesh, *owe, *rsn; struct wpa_bss *bss; if (wpa_s->conf->ignore_old_scan_res) { @@ -940,6 +940,12 @@ void wpa_bss_update_scan_res(struct wpa_supplicant *wpa_s, return; } + /* Don't add hidden OWE transition networks with RSN. They are explicitly scanned for. */ + rsn = wpa_scan_get_ie(res, WLAN_EID_RSN); + owe = wpa_scan_get_vendor_ie(res, OWE_IE_VENDOR_TYPE); + if (owe && rsn && (ssid[1] == 0 || ssid[2] == 0)) + return; + p2p = wpa_scan_get_vendor_ie(res, P2P_IE_VENDOR_TYPE); #ifdef CONFIG_P2P if (p2p == NULL && From patchwork Sun Apr 28 13:13:43 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: David Bauer X-Patchwork-Id: 1928659 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=oKelXLkG; dkim=fail reason="signature verification failed" (4096-bit key; secure) header.d=david-bauer.net header.i=@david-bauer.net header.a=rsa-sha256 header.s=uberspace header.b=OTYsIfSG; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=patchwork.ozlabs.org) Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4VS6Pl52nJz23t4 for ; Sun, 28 Apr 2024 23:14:50 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:To:From:Reply-To:Cc:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=0aHt7QmP95FAGpx0lzgS4COuAa2BYOejJwPLQKmyAOQ=; b=oKelXLkGU6yjHh jX0fccfAwutloqy0LaZjqzA7IadJpULsIl7V/p9Kds1qrT3Q5MCcW0Q3k9Z/YmL2PC3SLD8+u/cLq 8UGXHH1tovk19nZXSLm9QpYZtRajHN9YhuRe8DJg0Na6/RkvoC4nc3BtyUIXaNnkqInZ/5eG9Vbwn PtmC6XvpCif2ZBJJ6JYWULJFQ3Xm+tK5eoxqIMryasOdz7xzcv2BgrieYPpu8pU5xLyH2i1jhAE3k R8Q5bSk5UHy0a9B901wTB988PuC9RmW8hRPsD7b9zXYsCtKJOL6rvQ8yfNHVExGKOE0AQ8w5fORB1 k/jewLYlnb2drXs2pCXg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1s14MH-000000000L5-3dUk; Sun, 28 Apr 2024 13:14:21 +0000 Received: from perseus.uberspace.de ([95.143.172.134]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1s14M5-000000000Dl-09RB for hostap@lists.infradead.org; Sun, 28 Apr 2024 13:14:14 +0000 Received: (qmail 7412 invoked by uid 988); 28 Apr 2024 13:13:59 -0000 Authentication-Results: perseus.uberspace.de; auth=pass (plain) Received: from unknown (HELO unkown) (::1) by perseus.uberspace.de (Haraka/3.0.1) with ESMTPSA; Sun, 28 Apr 2024 15:13:59 +0200 From: David Bauer To: hostap@lists.infradead.org Subject: [PATCH v2 4/5] bgscan: add OWE transition SSID to OWE network scan Date: Sun, 28 Apr 2024 15:13:43 +0200 Message-ID: <20240428131344.334314-5-mail@david-bauer.net> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240428131344.334314-1-mail@david-bauer.net> References: <20240428131344.334314-1-mail@david-bauer.net> MIME-Version: 1.0 X-Rspamd-Bar: - X-Rspamd-Report: MID_CONTAINS_FROM(1) BAYES_HAM(-3) MIME_GOOD(-0.1) R_MISSING_CHARSET(0.5) X-Rspamd-Score: -1.6 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=david-bauer.net; s=uberspace; h=from:to:subject:date; bh=as3GubP9YZmHSOx8qVyuvg6/nay/gECwM0jtQ11TWw0=; b=OTYsIfSGap+haVwFkK7/7jI9qhmKFXa6JkdSK+SmMVEFqyH5Q62kCmlMBLxWyPjFlNN6dq34fX +xoisv6++kWIbUbCYpb5ZunVeTby0t+j2OVb8gmYU9+HuN08ohAdvOfyW+aMdmSp0eJhArjDKMvt 8Y3hoOpsDEg9l+E2AoXacEW++fpThKhYEk//PW5Sj3VL29jT+h3fHt3dw7YpWq2irEbQ17YSVSd5 SP+LiaaZOPkt/2qcTZcPpQGkHKZgU3i56tnljKu3jV699TuokVTQa0GIpedgEiLUmy1mWrS5pAbX x+CT4yRRXG6TgrvchnmISFhdylged2gkxWPcEKLZex+kY8281wNnUcGdIpLyn2rSVkjpI4G+hR4Q SFoaFOxx2/6brJA5lwuEbDZRAwitwz60n8C7METP6blqwIoz7CBzBPGc+Tx08dYcHg0toU32hSof OBzxK1Si72IT4diwy+W/SJjwDyrMLfBnctJq5egSXMj6oRrs2hJhmVHmT5nP9wj28nDBTtZAJLbv zDwBP8BghdXukr5Dmuqg26Zi1b6SnpZm8sQOUGyAN+84va0t3cEke9eiNOC2UMjt6A5u8+ZoQTU9 dhKFWvpu7rY90Xqjy4CDTnN9EHRjIfp4EeRzOxN5fmKtxhPWg+ucQuzFBO5yA+KpS8ajkqz/h0nk k= X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240428_061409_468807_D1D3CE80 X-CRM114-Status: GOOD ( 12.16 ) X-Spam-Score: -0.9 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Add transition SSIDs to the SSID scan-list. This is currently missing and bgscan fails to scan for SSIDs on the transition network if one is currently used. Signed-off-by: David Bauer --- wpa_supplicant/bgscan_learn.c | 4 ++++ wpa_supplicant/bgscan_simple.c | 3 +++ wpa_supplicant/scan.c | 6 +++--- wpa_supplicant/scan.h | 3 +++ 4 fil [...] Content analysis details: (-0.9 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [95.143.172.134 listed in list.dnswl.org] -0.0 SPF_HELO_PASS SPF: HELO matches SPF record -0.0 SPF_PASS SPF: sender matches SPF record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Add transition SSIDs to the SSID scan-list. This is currently missing and bgscan fails to scan for SSIDs on the transition network if one is currently used. Signed-off-by: David Bauer --- wpa_supplicant/bgscan_learn.c | 4 ++++ wpa_supplicant/bgscan_simple.c | 3 +++ wpa_supplicant/scan.c | 6 +++--- wpa_supplicant/scan.h | 3 +++ 4 files changed, 13 insertions(+), 3 deletions(-) diff --git a/wpa_supplicant/bgscan_learn.c b/wpa_supplicant/bgscan_learn.c index cab4ae2ac..922fe5440 100644 --- a/wpa_supplicant/bgscan_learn.c +++ b/wpa_supplicant/bgscan_learn.c @@ -280,6 +280,10 @@ static void bgscan_learn_timeout(void *eloop_ctx, void *timeout_ctx) params.num_ssids = 1; params.ssids[0].ssid = data->ssid->ssid; params.ssids[0].ssid_len = data->ssid->ssid_len; + + /* Add transition mode SSID of current network */ + wpa_add_owe_scan_ssid(wpa_s, ¶ms, data->ssid, wpa_s->max_scan_ssids - params.num_ssids); + if (data->ssid->scan_freq) params.freqs = data->ssid->scan_freq; else { diff --git a/wpa_supplicant/bgscan_simple.c b/wpa_supplicant/bgscan_simple.c index a90cf86e5..96e5e5a40 100644 --- a/wpa_supplicant/bgscan_simple.c +++ b/wpa_supplicant/bgscan_simple.c @@ -89,6 +89,9 @@ static void bgscan_simple_timeout(void *eloop_ctx, void *timeout_ctx) params.ssids[0].ssid_len = data->ssid->ssid_len; params.freqs = data->ssid->scan_freq; + /* Add transition mode SSID of current network */ + wpa_add_owe_scan_ssid(wpa_s, ¶ms, data->ssid, wpa_s->max_scan_ssids - params.num_ssids); + /* * A more advanced bgscan module would learn about most like channels * over time and request scans only for some channels (probing others diff --git a/wpa_supplicant/scan.c b/wpa_supplicant/scan.c index 52fe89746..8a0387301 100644 --- a/wpa_supplicant/scan.c +++ b/wpa_supplicant/scan.c @@ -940,9 +940,9 @@ static void wpa_add_scan_ssid(struct wpa_supplicant *wpa_s, } -static void wpa_add_owe_scan_ssid(struct wpa_supplicant *wpa_s, - struct wpa_driver_scan_params *params, - struct wpa_ssid *ssid, size_t max_ssids) +void wpa_add_owe_scan_ssid(struct wpa_supplicant *wpa_s, + struct wpa_driver_scan_params *params, + const struct wpa_ssid *ssid, size_t max_ssids) { #ifdef CONFIG_OWE struct wpa_bss *bss; diff --git a/wpa_supplicant/scan.h b/wpa_supplicant/scan.h index d4c06c1ae..7ea99928c 100644 --- a/wpa_supplicant/scan.h +++ b/wpa_supplicant/scan.h @@ -104,5 +104,8 @@ int wpas_channel_width_rssi_bump(const u8 *ies, size_t ies_len, enum chan_width cw); int wpas_adjust_snr_by_chanwidth(const u8 *ies, size_t ies_len, enum chan_width max_cw, int snr); +void wpa_add_owe_scan_ssid(struct wpa_supplicant *wpa_s, + struct wpa_driver_scan_params *params, + const struct wpa_ssid *ssid, size_t max_ssids); #endif /* SCAN_H */ From patchwork Sun Apr 28 13:13:44 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: David Bauer X-Patchwork-Id: 1928658 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=V/iywuZi; dkim=fail reason="signature verification failed" (4096-bit key; secure) header.d=david-bauer.net header.i=@david-bauer.net header.a=rsa-sha256 header.s=uberspace header.b=TLpJup4R; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=patchwork.ozlabs.org) Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4VS6Pl6dtkz23tW for ; Sun, 28 Apr 2024 23:14:50 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:To:From:Reply-To:Cc:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=f25pOwsvxE5SqjESfBI1O1dDeSvxD2ehjSwoFKHGlpo=; b=V/iywuZikOLBpw EerFBEz2PBBBL8KFSH93vGFeZug1/TXPSxGOjVrI0q+yMmclRnoCD39rqJjucSgAQwr5VVGrvq6Jf NbQ85jlYQe572jVD7dQikGFUPqP4f57ZbhpNtko6sNsNVJqPh7VszOZIf3OhqH1WAbs3hr+O/6DKX uNf85KbC/rSDI3U8ofd8OIKKH7Cc6PtocY/pi2vOcv5xYF43VoRZ/vpcHXuQfdU/Lac9pcEymiB80 FBZnbSwo4gtvoeaHqBdCe+EL5ooO52BNP3cXwdCLb/MMWKLME/Z0E3hEdqj0U+IZ+TfU4ikAGU/VI Z/FB1A6Hi2mqFJnkMaxA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1s14MF-000000000K0-3iyM; Sun, 28 Apr 2024 13:14:19 +0000 Received: from perseus.uberspace.de ([95.143.172.134]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1s14M5-000000000Dm-09Tq for hostap@lists.infradead.org; Sun, 28 Apr 2024 13:14:14 +0000 Received: (qmail 7418 invoked by uid 988); 28 Apr 2024 13:14:00 -0000 Authentication-Results: perseus.uberspace.de; auth=pass (plain) Received: from unknown (HELO unkown) (::1) by perseus.uberspace.de (Haraka/3.0.1) with ESMTPSA; Sun, 28 Apr 2024 15:13:59 +0200 From: David Bauer To: hostap@lists.infradead.org Subject: [PATCH v2 5/5] scan: stored last-seen transition SSID Date: Sun, 28 Apr 2024 15:13:44 +0200 Message-ID: <20240428131344.334314-6-mail@david-bauer.net> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240428131344.334314-1-mail@david-bauer.net> References: <20240428131344.334314-1-mail@david-bauer.net> MIME-Version: 1.0 X-Rspamd-Bar: - X-Rspamd-Report: MID_CONTAINS_FROM(1) BAYES_HAM(-2.999999) MIME_GOOD(-0.1) R_MISSING_CHARSET(0.5) X-Rspamd-Score: -1.599999 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=david-bauer.net; s=uberspace; h=from:to:subject:date; bh=iIXPm26qIXoGxWfPZooh7fOHeyc24hcvUkmMyD7IPm0=; b=TLpJup4RQofXPwkouWrL6K1kPyK26lgrJG0dYGQRwcdWM58G+Fje9k7A3tY9/gN+d00ZltageS KaxhQUskU0YXDrFYNwDE3Rm000ubUt/YdjbOzYnD/7wyMUR9A1Iuzxgtmes13fSZDxDppiImQHU3 2KUNtvTpEWgLhCuOfC1qqUE87/tA4vnFByxTxk7ER1ZtIRW4GhB3LVBxZpzLWi9y4l046S9M/aV7 V5mPIEx87tH4NZf6YXjvAWyhTxV63vII3zaucZ4g+mvSba48rVF6upqx4pB2TZmxebtwaB7sDzb9 ps2nsfXl85ZC6DGxlkUP2FkiKG7JAJ5PEVn2/MbkmtEvbhTVMlJeVW7/+CK95lSf0gT94VBG3iMV I91O6c0VIYBQi9RxsBAtVADQqNsK/Paoh+u3+vzrliD1jzXmhnmyX9tpazHsxzJbNwfWga5lb5at xcR7sMcpJr6pfNg/ijxRUPT05unCzddnVH6fwj6rETyrKwJr4lvWUKK1Y2Gub1FuTOzfnCh5saWa 0oM+71HAP/UHZmwnQt1bnH+Mb1Sgp1QxorOCcZUw1C7T+1Kf9FTXs4ps+CpfLgq7b/g9OTU0adEw QZmqa1AtNDZrQQbdalDSUu1eqnMDjhYCZIxpyqYof/c7l/NnodA2PvmPl4XMd3ze3uKmFby0ug7B g= X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240428_061409_522807_3C9E4D0D X-CRM114-Status: GOOD ( 18.31 ) X-Spam-Score: -0.9 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Store the last seen transition SSID when conneted to an OWE network enabling transition-mode. This speeds up discovery of hidden transition networks when connected on 6GHz. As 6 GHz does not use inter-band transition mode operation, the transition SSID name is missing from beacons on this band [...] Content analysis details: (-0.9 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [95.143.172.134 listed in list.dnswl.org] -0.0 SPF_HELO_PASS SPF: HELO matches SPF record -0.0 SPF_PASS SPF: sender matches SPF record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Store the last seen transition SSID when conneted to an OWE network enabling transition-mode. This speeds up discovery of hidden transition networks when connected on 6GHz. As 6 GHz does not use inter-band transition mode operation, the transition SSID name is missing from beacons on this band. When the scan-list times out, wpa_supplicant has to scan two consecutive times to first discover transition networks on 2.4 and 5GHz. Optimize this by storing the last transition-SSID independent from the scan-results. Signed-off-by: David Bauer --- wpa_supplicant/bss.c | 34 ++++++++++++++++++++++++++----- wpa_supplicant/events.c | 4 ++++ wpa_supplicant/scan.c | 12 +++++++++++ wpa_supplicant/wpa_supplicant_i.h | 2 ++ 4 files changed, 47 insertions(+), 5 deletions(-) diff --git a/wpa_supplicant/bss.c b/wpa_supplicant/bss.c index b9bf06c45..7357e092e 100644 --- a/wpa_supplicant/bss.c +++ b/wpa_supplicant/bss.c @@ -909,7 +909,7 @@ void wpa_bss_update_scan_res(struct wpa_supplicant *wpa_s, struct wpa_scan_res *res, struct os_reltime *fetch_time) { - const u8 *ssid, *p2p, *mesh, *owe, *rsn; + const u8 *ssid, *p2p, *mesh, *owe; struct wpa_bss *bss; if (wpa_s->conf->ignore_old_scan_res) { @@ -940,11 +940,35 @@ void wpa_bss_update_scan_res(struct wpa_supplicant *wpa_s, return; } - /* Don't add hidden OWE transition networks with RSN. They are explicitly scanned for. */ - rsn = wpa_scan_get_ie(res, WLAN_EID_RSN); owe = wpa_scan_get_vendor_ie(res, OWE_IE_VENDOR_TYPE); - if (owe && rsn && (ssid[1] == 0 || ssid[2] == 0)) - return; + if (owe) { + const uint8_t *rsn; + + rsn = wpa_scan_get_ie(res, WLAN_EID_RSN); + + /** + * Don't add hidden OWE transition networks with RSN. + * They are explicitly scanned for. + */ + if (rsn && (ssid[1] == 0 || ssid[2] == 0)) + return; +#ifdef CONFIG_OWE + const uint8_t *owe_bssid, *owe_ssid; + size_t owe_ssid_len; + + /** + * If the network is an OWE transition network, store the transition SSID + * to allow scanning for it later when on a 6GHz network with expired + * scan results. + */ + if (!rsn && + !wpa_bss_get_owe_trans_network(wpa_s, owe, &owe_bssid, + &owe_ssid, &owe_ssid_len)) { + os_memcpy(wpa_s->owe_trans_ssid.ssid, owe_ssid, owe_ssid_len); + wpa_s->owe_trans_ssid.ssid_len = owe_ssid_len; + } +#endif /* CONFIG_OWE */ + } p2p = wpa_scan_get_vendor_ie(res, P2P_IE_VENDOR_TYPE); #ifdef CONFIG_P2P diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c index abeaefff1..e20eae549 100644 --- a/wpa_supplicant/events.c +++ b/wpa_supplicant/events.c @@ -383,6 +383,10 @@ void wpa_supplicant_mark_disassoc(struct wpa_supplicant *wpa_s) wpa_s->key_mgmt = 0; wpa_s->allowed_key_mgmts = 0; +#ifdef CONFIG_OWE + wpa_s->owe_trans_ssid.ssid_len = 0; +#endif + #ifndef CONFIG_NO_RRM wpas_rrm_reset(wpa_s); #endif /* CONFIG_NO_RRM */ diff --git a/wpa_supplicant/scan.c b/wpa_supplicant/scan.c index 8a0387301..d9a7c9e10 100644 --- a/wpa_supplicant/scan.c +++ b/wpa_supplicant/scan.c @@ -976,6 +976,18 @@ void wpa_add_owe_scan_ssid(struct wpa_supplicant *wpa_s, owe_ssid, owe_ssid_len); return; } + + /** + * Check if we can add a stored transition-mode SSID. + * This is helpful if the scan-list only contains 6 GHz networks + * which do not have a transition SSID. + */ + if (wpa_s->owe_trans_ssid.ssid_len == 0) + return; + + wpa_add_scan_ssid(wpa_s, params, max_ssids, + wpa_s->owe_trans_ssid.ssid, + wpa_s->owe_trans_ssid.ssid_len); #endif /* CONFIG_OWE */ } diff --git a/wpa_supplicant/wpa_supplicant_i.h b/wpa_supplicant/wpa_supplicant_i.h index 426d077d2..c785f0d04 100644 --- a/wpa_supplicant/wpa_supplicant_i.h +++ b/wpa_supplicant/wpa_supplicant_i.h @@ -1602,6 +1602,8 @@ struct wpa_supplicant { /* An array of frequencies to scan for OWE transition mode BSSs when * owe_transition_search == 1 */ int *owe_trans_scan_freq; + /* The last transition-SSID seen if operating in transition-mode */ + struct wpa_ssid_value owe_trans_ssid; #endif /* CONFIG_OWE */ #ifdef CONFIG_NAN_USD