From 4b5b8a53a145edd9e6486322689c93f5f426f3e9 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Tue, 11 Oct 2016 00:25:20 +0300 Subject: [PATCH] WPS: Force BSSID for WPS provisioning step connection This was already done for most driver cases, but it is possible that the BSSID/frequency is not forced if the driver reports BSS selection capability (e.g., NL80211_ATTR_ROAM_SUPPORT). That could potentially result in the driver ignoring the BSSID/frequency hint and associating with another (incorrect) AP for the WPS provisioning step if that another AP in the same ESS is more preferred (e.g., better signal strength) by the driver and only one of the APs (the not preferred one) is in active WPS registrar state. While most drivers follow the BSSID hint for the initial connection to an ESS, not doing it here for the WPS provisioning would break the protocol. Fix this by enforcing a single BSSID/frequency to disallow the driver from selecting an incorrect AP for the WPS provisioning association. Signed-off-by: Jouni Malinen --- wpa_supplicant/wpa_supplicant.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c index c939321f7..247943245 100644 --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c @@ -2461,12 +2461,14 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit) if (bss) { params.ssid = bss->ssid; params.ssid_len = bss->ssid_len; - if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) { + if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set || + wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) { wpa_printf(MSG_DEBUG, "Limit connection to BSSID " MACSTR " freq=%u MHz based on scan results " - "(bssid_set=%d)", + "(bssid_set=%d wps=%d)", MAC2STR(bss->bssid), bss->freq, - ssid->bssid_set); + ssid->bssid_set, + wpa_s->key_mgmt == WPA_KEY_MGMT_WPS); params.bssid = bss->bssid; params.freq.freq = bss->freq; }