From patchwork Sun Apr 28 13:13:42 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: David Bauer <mail@david-bauer.net>
X-Patchwork-Id: 1928654
Return-Path: 
 <hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@legolas.ozlabs.org
Authentication-Results: legolas.ozlabs.org;
	dkim=pass (2048-bit key;
 secure) header.d=lists.infradead.org header.i=@lists.infradead.org
 header.a=rsa-sha256 header.s=bombadil.20210309 header.b=vv9j8Tkb;
	dkim=fail reason="signature verification failed" (4096-bit key;
 secure) header.d=david-bauer.net header.i=@david-bauer.net
 header.a=rsa-sha256 header.s=uberspace header.b=ybfXWWzf;
	dkim-atps=neutral
Authentication-Results: legolas.ozlabs.org;
 spf=none (no SPF record) smtp.mailfrom=lists.infradead.org
 (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org;
 envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org;
 receiver=patchwork.ozlabs.org)
Received: from bombadil.infradead.org (bombadil.infradead.org
 [IPv6:2607:7c80:54:3::133])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384)
	(No client certificate requested)
	by legolas.ozlabs.org (Postfix) with ESMTPS id 4VS6Pl6S00z23tF
	for <incoming@patchwork.ozlabs.org>; Sun, 28 Apr 2024 23:14:50 +1000 (AEST)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=lists.infradead.org; s=bombadil.20210309; h=Sender:
	Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post:
	List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To:
	Message-ID:Date:Subject:To:From:Reply-To:Cc:Content-ID:Content-Description:
	Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:
	List-Owner; bh=stAefcpnFvmveS5X+P/Tm6tOflCs4QQPs8kTIujW/6k=; b=vv9j8TkbNTql0n
	cZrrlw0xoPMmePWINJUGDL4mJOSD6BHQqapO33OZMxC5Gi90jFkyGXjJXeXGPMLOxvpDJ59V0R3sV
	kzKl+TBEBdFs+B9+br2J7S2UMJ6UXqrg8tRGWvv/zGPDIp1IdQzhSzwwC/9ZEFb1BL1XDJNrL1AEF
	QFBid9zGdEYEp5EGkFGdlB3ISNOAx7GykUf62nlHrs3y0/Yklo/B2XS+SrkPXOeJhEL8is8hdMueZ
	76ORMSVeQuEUAgH1rvwyhX20+tMprnoDsS7M4FnS8vpGgjIoiKsYIZj9PBu71143KMFcwWffZrzz7
	jzQ7JPCSHBUY0MEfCUZw==;
Received: from localhost ([::1] helo=bombadil.infradead.org)
	by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux))
	id 1s14ML-000000000Ll-0t0N;
	Sun, 28 Apr 2024 13:14:25 +0000
Received: from perseus.uberspace.de ([95.143.172.134])
	by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux))
	id 1s14M4-000000000Dk-3nW9
	for hostap@lists.infradead.org;
	Sun, 28 Apr 2024 13:14:13 +0000
Received: (qmail 7408 invoked by uid 988); 28 Apr 2024 13:13:59 -0000
Authentication-Results: perseus.uberspace.de;
	auth=pass (plain)
Received: from unknown (HELO unkown) (::1)
	by perseus.uberspace.de (Haraka/3.0.1) with ESMTPSA;
 Sun, 28 Apr 2024 15:13:59 +0200
From: David Bauer <mail@david-bauer.net>
To: hostap@lists.infradead.org
Subject: [PATCH v2 3/5] bss: don't add hidden OWE transition-networks to
 scan-list
Date: Sun, 28 Apr 2024 15:13:42 +0200
Message-ID: <20240428131344.334314-4-mail@david-bauer.net>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <20240428131344.334314-1-mail@david-bauer.net>
References: <20240428131344.334314-1-mail@david-bauer.net>
MIME-Version: 1.0
X-Rspamd-Bar: -
X-Rspamd-Report: MID_CONTAINS_FROM(1) BAYES_HAM(-3) MIME_GOOD(-0.1)
 R_MISSING_CHARSET(0.5)
X-Rspamd-Score: -1.6
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
	d=david-bauer.net; s=uberspace;
	h=from:to:subject:date;
	bh=yMQAqJ+WvmiAYG3mR+eaPiUugCiCj+bzw5ceyLZLhmY=;
	b=ybfXWWzfyrDl+69ssyya5OxULF1OQ27fiZg+p66ez1Q99Qs3Y0JCeBBvHalqwRjArIocVsPnf+
	0yHR+ZiOLETdkLICW0ajuln1pbFWl0h2rPbxnZZgnjUEOTohxPQSSThIBBFkE3Tu/Uk+CP5yPBur
	o7aIQLbF94ac4VcQNoM2oYagEm1ryk1DIwzpTwSOhLn5pXvUkZvlg2bn4Je3s2c/UEUaZq/6qe+6
	/YkvJRx0zv5y0R02tmM2cUrk9OlIFf25h6semHuAI5Om0cCKjeAfK+R0E7ffCB0hGXmVZSTxl41f
	gwRdMFhSYyB65n/iraSGsKYBIGxsc2EJmuhnQzU4QlpVO+31ZlgHYUWkvdomLJKzIluUp1AhRefQ
	7VfT6nrJiO5+4uM8Yu6bvh7KigUqmERz5zx0dMLWGkdoGh0229sdTr9uu7sXee+EaJyltXKBN4VL
	1MS8fI6zdNZJQPQNV7E1qTWFxtXVo1NF3dPX5PTK5D35CzPu1/m5scqp8iDJCSD6Z4/nuQKmTvFe
	UKGlCp2gGfnz5gFffQa4tq52Hcx9gBQN+il/269FWQ3bVWx20mq6xvKazGUDt8rX1H4RJvyPIYPL
	+1pfiX+l00qvqC2z1eSey5f3szJY5sOJGiFMysXJ/CcwXMWo/GkEFlafrUTdzH1flCGRXRxRwsde
	o=
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 
X-CRM114-CacheID: sfid-20240428_061409_556597_54D3507C 
X-CRM114-Status: UNSURE (   9.52  )
X-CRM114-Notice: Please train this message.
X-Spam-Score: -0.9 (/)
X-Spam-Report: Spam detection software,
 running on the system "bombadil.infradead.org",
 has NOT identified this incoming email as spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 the administrator of that system for details.
 Content preview:  When adding these networks hidden,
 they get re-added for the
    same BSSID when scanning for the transition-SSID. Skip adding the
 OWE-SSIDs
    in case the SSID was not explicitly scanned for. Signed-off-by: David
 Bauer
    <mail@david-bauer.net> --- wpa_supplicant/bss.c | 8 +++++++- 1 file
 changed,
    7 insertions(+), 1 deletion(-)
 Content analysis details:   (-0.9 points, 5.0 required)
  pts rule name              description
 ---- ----------------------
 --------------------------------------------------
 -0.7 RCVD_IN_DNSWL_LOW      RBL: Sender listed at https://www.dnswl.org/, low
                             trust
                             [95.143.172.134 listed in list.dnswl.org]
 -0.0 SPF_HELO_PASS          SPF: HELO matches SPF record
 -0.0 SPF_PASS               SPF: sender matches SPF record
  0.1 DKIM_SIGNED            Message has a DKIM or DK signature,
 not necessarily valid
 -0.1 DKIM_VALID             Message has at least one valid DKIM or DK
 signature
 -0.1 DKIM_VALID_EF          Message has a valid DKIM or DK signature from
                             envelope-from domain
 -0.1 DKIM_VALID_AU          Message has a valid DKIM or DK signature from
 author's
                             domain
X-BeenThere: hostap@lists.infradead.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: <hostap.lists.infradead.org>
List-Unsubscribe: <http://lists.infradead.org/mailman/options/hostap>,
 <mailto:hostap-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/hostap/>
List-Post: <mailto:hostap@lists.infradead.org>
List-Help: <mailto:hostap-request@lists.infradead.org?subject=help>
List-Subscribe: <http://lists.infradead.org/mailman/listinfo/hostap>,
 <mailto:hostap-request@lists.infradead.org?subject=subscribe>
Sender: "Hostap" <hostap-bounces@lists.infradead.org>
Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org

When adding these networks hidden, they get re-added for the same BSSID
when scanning for the transition-SSID. Skip adding the OWE-SSIDs in case
the SSID was not explicitly scanned for.

Signed-off-by: David Bauer <mail@david-bauer.net>
---
 wpa_supplicant/bss.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/wpa_supplicant/bss.c b/wpa_supplicant/bss.c
index e528af280..b9bf06c45 100644
--- a/wpa_supplicant/bss.c
+++ b/wpa_supplicant/bss.c
@@ -909,7 +909,7 @@ void wpa_bss_update_scan_res(struct wpa_supplicant *wpa_s,
 			     struct wpa_scan_res *res,
 			     struct os_reltime *fetch_time)
 {
-	const u8 *ssid, *p2p, *mesh;
+	const u8 *ssid, *p2p, *mesh, *owe, *rsn;
 	struct wpa_bss *bss;
 
 	if (wpa_s->conf->ignore_old_scan_res) {
@@ -940,6 +940,12 @@ void wpa_bss_update_scan_res(struct wpa_supplicant *wpa_s,
 		return;
 	}
 
+	/* Don't add hidden OWE transition networks with RSN. They are explicitly scanned for. */
+	rsn = wpa_scan_get_ie(res, WLAN_EID_RSN);
+	owe = wpa_scan_get_vendor_ie(res, OWE_IE_VENDOR_TYPE);
+	if (owe && rsn && (ssid[1] == 0 || ssid[2] == 0))
+		return;
+
 	p2p = wpa_scan_get_vendor_ie(res, P2P_IE_VENDOR_TYPE);
 #ifdef CONFIG_P2P
 	if (p2p == NULL &&