From 3fadb1dcc083430fe8cbe9891ddb28cd8c023e25 Mon Sep 17 00:00:00 2001
From: Jouni Malinen
Date: Mon, 24 Feb 2020 19:53:49 +0200
Subject: [PATCH] WPS: Ignore other APs if PBC is used with a specific BSSID

While the WSC specification requires the Enrollee to stop PBC
provisioning if the scan sees multiple APs in active PBC mode, this is
problematic due to some deployed devices continuing to advertise PBC
mode for extended duration (or even permanently). Such an environment
will still need to prevent wildcard AP selection with PBC since an
incorrect device could be selected. However, if the Enrollee device has
been explicitly requested to connect to a specific AP based on its
BSSID, the other APs in scan results can be ignored without affecting
which AP would be selected (only the one matching the specified BSSID is
acceptable).

Start filtering scan results for PBC session overlap check based on the
locally specified constraint on the BSSID, if one is set. This allows
PBC to be used with "WPS_PBC " command in environment where
another AP device is claiming to be in active PBC mode while "WPS_PBC"
command will still continue to reject provisioning since the correct AP
cannot be selected.

This will also cover the P2P cases where P2P_CONNECT is used to start or
authorize GO Negotiation and joining-a-GO with a specific P2P GO
Interface Address (BSSID).

Signed-off-by: Jouni Malinen
---
 wpa_supplicant/wps_supplicant.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/wpa_supplicant/wps_supplicant.c b/wpa_supplicant/wps_supplicant.c
index 99ddd26ca..063b4e69f 100644
--- a/wpa_supplicant/wps_supplicant.c
+++ b/wpa_supplicant/wps_supplicant.c
@@ -1829,6 +1829,10 @@ int wpas_wps_scan_pbc_overlap(struct wpa_supplicant *wpa_s, wpa_printf(MSG_DEBUG, "WPS: Check whether PBC session overlap is " "present in scan results; selected BSSID " MACSTR, MAC2STR(selected->bssid)); + if (!is_zero_ether_addr(ssid->bssid)) + wpa_printf(MSG_DEBUG, + "WPS: Network profile limited to accept only a single BSSID " MACSTR, + MAC2STR(ssid->bssid)); /* Make sure that only one AP is in active PBC mode */ wps_ie = wpa_bss_get_vendor_ie_multi(selected, WPS_IE_VENDOR_TYPE); @@ -1849,6 +1853,14 @@ int wpas_wps_scan_pbc_overlap(struct wpa_supplicant *wpa_s, os_memcmp(selected->bssid, ap->bssid, ETH_ALEN) == 0) continue; + if (!is_zero_ether_addr(ssid->bssid) && + os_memcmp(ap->bssid, ssid->bssid, ETH_ALEN) != 0) { + wpa_printf(MSG_DEBUG, "WPS: Ignore another BSS " MACSTR + " in active PBC mode due to local BSSID limitation", + MAC2STR(ap->bssid)); + continue; + } + wpa_printf(MSG_DEBUG, "WPS: Another BSS in active PBC mode: " MACSTR, MAC2STR(ap->bssid)); wpa_hexdump(MSG_DEBUG, "WPS: UUID of the other BSS",
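Review bot: In the first hunk (@@ -1829,6 +1829,10), the context comment "Make sure that only one AP is in active PBC mode" directly after the new wpa_printf no longer describes the loop once ssid->bssid is set, because the second hunk then skips other APs that are in active PBC mode. Suggest rewording that comment to say the single-AP rule is enforced only for wildcard selection, with a short note on why the WSC requirement is relaxed for a fixed BSSID. The test "!is_zero_ether_addr(ssid->bssid)" is also repeated in the second hunk; evaluating it once into a local flag would keep the debug line and the filter from drifting apart in later edits.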
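Review bot: In the second hunk (@@ -1849,6 +1853,14), the new "continue" makes the overlap result depend entirely on ssid->bssid, yet nothing in the visible lines checks that selected->bssid equals ssid->bssid. When the two match, every entry is skipped either by the existing selected->bssid comparison in the context lines or by the new filter, so the loop can never report overlap and an early return before the loop would state that intent directly. When they differ, an AP whose BSSID equals ssid->bssid passes the filter and is reported as the overlapping BSS, so either an explicit comparison of selected->bssid against ssid->bssid or a comment stating that the caller guarantees they match would make the assumption reviewable. A one-line comment above the new block saying that this deliberately deviates from the WSC overlap rule only when a BSSID is configured locally would also help, since the rationale currently lives only in the commit message.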