From: Sebastian Priebe Date: Wed, 26 Apr 2023 13:22:02 +0000 (+0000) Subject: Only advertise MSCS and SCS in Association Request if supported by AP X-Git-Tag: hostap_2_11~877 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e97d7c5a6a3e9d5bd6a61e1e07d2699cda4d5312;p=thirdparty%2Fhostap.git Only advertise MSCS and SCS in Association Request if supported by AP Since wpa_supplicant version 2.10 the extended capabilities MSCS and SCS are advertised in the (Re)Association Request frames. This causes the association request to be rejected by several access points. Issue was observed with: - D-Link DIR600 - TP-Link AC1900 - Synology MR2200ac To avoid this issue the extended capabilities MSCS and SCS shall only be added if the bss also supports them. While this may not follow the exact behavior described in IEEE 802.11, this is a reasonable compromise to avoid interoperability issues since these capabilities cannot be used with an AP that does not support them anyway. Note: The Extended Capabilities element is only included in the Association Request frames if the AP also sent its extended capabilities (see wpas_populate_assoc_ies()) as a workaround for misbehaving APs. This workaround exists since version 2.1. Signed-off-by: Sebastian Priebe --- diff --git a/wpa_supplicant/scan.c b/wpa_supplicant/scan.c index ef5e3e696..5c5c399e9 100644 --- a/wpa_supplicant/scan.c +++ b/wpa_supplicant/scan.c @@ -621,7 +621,7 @@ void wpa_supplicant_set_default_scan_ies(struct wpa_supplicant *wpa_s) wpa_drv_get_ext_capa(wpa_s, type); ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab, - sizeof(ext_capab)); + sizeof(ext_capab), NULL); if (ext_capab_len > 0 && wpabuf_resize(&default_ies, ext_capab_len) == 0) wpabuf_put_data(default_ies, ext_capab, ext_capab_len); @@ -743,7 +743,7 @@ static struct wpabuf * wpa_supplicant_extra_ies(struct wpa_supplicant *wpa_s) wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION); ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab, - sizeof(ext_capab)); + sizeof(ext_capab), NULL); if (ext_capab_len > 0 && wpabuf_resize(&extra_ie, ext_capab_len) == 0) wpabuf_put_data(extra_ie, ext_capab, ext_capab_len); diff --git a/wpa_supplicant/sme.c b/wpa_supplicant/sme.c index 578e1828c..233adce5b 100644 --- a/wpa_supplicant/sme.c +++ b/wpa_supplicant/sme.c @@ -930,7 +930,7 @@ static void sme_send_authentication(struct wpa_supplicant *wpa_s, wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION); ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab, - sizeof(ext_capab)); + sizeof(ext_capab), bss); if (ext_capab_len > 0) { u8 *pos = wpa_s->sme.assoc_req_ie; if (wpa_s->sme.assoc_req_ie_len > 0 && pos[0] == WLAN_EID_RSN) diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c index f288f3fa1..f1dc00651 100644 --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c @@ -2077,7 +2077,8 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s, } -static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx) +static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx, + struct wpa_bss *bss) { bool scs = true, mscs = true; @@ -2128,6 +2129,13 @@ static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx) if (wpa_s->disable_scs_support) scs = false; #endif /* CONFIG_TESTING_OPTIONS */ + if (bss && !wpa_bss_ext_capab(bss, WLAN_EXT_CAPAB_SCS)) { + /* Drop own SCS capability indication since the AP does + * not support it. This is needed to avoid + * interoperability issues with APs that get confused + * with Extended Capabilities element. */ + scs = false; + } if (scs) *pos |= 0x40; /* Bit 54 - SCS */ break; @@ -2150,6 +2158,13 @@ static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx) if (wpa_s->disable_mscs_support) mscs = false; #endif /* CONFIG_TESTING_OPTIONS */ + if (bss && !wpa_bss_ext_capab(bss, WLAN_EXT_CAPAB_MSCS)) { + /* Drop own MSCS capability indication since the AP does + * not support it. This is needed to avoid + * interoperability issues with APs that get confused + * with Extended Capabilities element. */ + mscs = false; + } if (mscs) *pos |= 0x20; /* Bit 85 - Mirrored SCS */ break; @@ -2157,7 +2172,8 @@ static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx) } -int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf, size_t buflen) +int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf, + size_t buflen, struct wpa_bss *bss) { u8 *pos = buf; u8 len = 11, i; @@ -2173,7 +2189,7 @@ int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf, size_t buflen) *pos++ = WLAN_EID_EXT_CAPAB; *pos++ = len; for (i = 0; i < len; i++, pos++) { - wpas_ext_capab_byte(wpa_s, pos, i); + wpas_ext_capab_byte(wpa_s, pos, i, bss); if (i < wpa_s->extended_capa_len) { *pos &= ~wpa_s->extended_capa_mask[i]; @@ -3495,7 +3511,7 @@ static u8 * wpas_populate_assoc_ies( u8 ext_capab[18]; int ext_capab_len; ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab, - sizeof(ext_capab)); + sizeof(ext_capab), bss); if (ext_capab_len > 0 && wpa_ie_len + ext_capab_len <= max_wpa_ie_len) { u8 *pos = wpa_ie; diff --git a/wpa_supplicant/wpa_supplicant_i.h b/wpa_supplicant/wpa_supplicant_i.h index 8787ba61f..d3bd5e196 100644 --- a/wpa_supplicant/wpa_supplicant_i.h +++ b/wpa_supplicant/wpa_supplicant_i.h @@ -1696,7 +1696,8 @@ int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid, size_t ssid_len); void wpas_request_connection(struct wpa_supplicant *wpa_s); void wpas_request_disconnection(struct wpa_supplicant *wpa_s); -int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf, size_t buflen); +int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf, size_t buflen, + struct wpa_bss *bss); int wpas_update_random_addr(struct wpa_supplicant *wpa_s, enum wpas_mac_addr_style style, struct wpa_ssid *ssid);