WPS: Ignore other APs if PBC is used with a specific BSSID

While the WSC specification requires the Enrollee to stop PBC
provisioning if the scan sees multiple APs in active PBC mode, this is
problematic due to some deployed devices continuing to advertise PBC
mode for extended duration (or even permanently). Such an environment
will still need to prevent wildcard AP selection with PBC since an
incorrect device could be selected. However, if the Enrollee device has
been explicitly requested to connect to a specific AP based on its
BSSID, the other APs in scan results can be ignored without affecting
which AP would be selected (only the one matching the specified BSSID is
acceptable).

Start filtering scan results for PBC session overlap check based on the
locally specified constraint on the BSSID, if one is set. This allows
PBC to be used with "WPS_PBC <BSSID>" command in environment where
another AP device is claiming to be in active PBC mode while "WPS_PBC"
command will still continue to reject provisioning since the correct AP
cannot be selected.

This will also cover the P2P cases where P2P_CONNECT is used to start or
authorize GO Negotiation and joining-a-GO with a specific P2P GO
Interface Address (BSSID).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>

diff --git a/wpa_supplicant/wps_supplicant.c b/wpa_supplicant/wps_supplicant.c
index 99ddd26ca7d7535bdf2dae2900bcc79a63d83604..063b4e69f9f3d7556bc5be7c1eef161d11ca61f0 100644 (file)
--- a/wpa_supplicant/wps_supplicant.c
+++ b/wpa_supplicant/wps_supplicant.c
@@ -1829,6 +1829,10 @@ int wpas_wps_scan_pbc_overlap(struct wpa_supplicant *wpa_s,
        wpa_printf(MSG_DEBUG, "WPS: Check whether PBC session overlap is "
                   "present in scan results; selected BSSID " MACSTR,
                   MAC2STR(selected->bssid));
+       if (!is_zero_ether_addr(ssid->bssid))
+               wpa_printf(MSG_DEBUG,
+                          "WPS: Network profile limited to accept only a single BSSID " MACSTR,
+                          MAC2STR(ssid->bssid));
 
        /* Make sure that only one AP is in active PBC mode */
        wps_ie = wpa_bss_get_vendor_ie_multi(selected, WPS_IE_VENDOR_TYPE);
@@ -1849,6 +1853,14 @@ int wpas_wps_scan_pbc_overlap(struct wpa_supplicant *wpa_s,
                    os_memcmp(selected->bssid, ap->bssid, ETH_ALEN) == 0)
                        continue;
 
+               if (!is_zero_ether_addr(ssid->bssid) &&
+                   os_memcmp(ap->bssid, ssid->bssid, ETH_ALEN) != 0) {
+                       wpa_printf(MSG_DEBUG, "WPS: Ignore another BSS " MACSTR
+                                  " in active PBC mode due to local BSSID limitation",
+                                  MAC2STR(ap->bssid));
+                       continue;
+               }
+
                wpa_printf(MSG_DEBUG, "WPS: Another BSS in active PBC mode: "
                           MACSTR, MAC2STR(ap->bssid));
                wpa_hexdump(MSG_DEBUG, "WPS: UUID of the other BSS",