No OWE transition mode element on hidden OWE network

[James Prestwood]

Ping, anyone seen this?

>From my end the path forward without this patch is to use
vendor_elements. This also adds the benefit of being able to include
channel/band information which isn't supported by these options.

My fear is that these options would be deployed as-is and cause
interoperability problems with IWD. And IWD is not planning on
supporting networks where the IE is missing, the book keeping and
lookup logic becomes much more complex.

I realize this code was written in 2017, long before any spec was even
released and OWE transitional networks are likely not deployed anywhere
yet... But in any case it would be great to get this taken care of now
and not end up in the same situations we have had with SAE in actual
consumer products:

http://lists.infradead.org/pipermail/hostap/2021-September/039842.html

On Thu, 2021-09-09 at 16:09 -0700, James Prestwood wrote:
> Hi,
> 
> While playing around with OWE transition mode I noticed the hidden OWE
> network has no OWE transition mode element. The two network configs are
> attached.
> 
> According to the OWE Spec v1.1, section 2.2.1:
> 
> "The OWE BSS shall include the OWE Transition Mode element in all
> Beacon and Probe Response frames to encapsulate the BSSID and SSID of
> the Open BSS."
> 
> I figured it was a misconfiguration but then I found the following code
> in src/ap/ieee802_11_shared.c:
> 
> static int hostapd_eid_owe_trans_enabled(struct hostapd_data *hapd)
> {
>         return hapd->conf->owe_transition_ssid_len > 0 &&
>                 !is_zero_ether_addr(hapd->conf->owe_transition_bssid);
> }
> 
> This is called prior to appending the OWE transition element so for the
> hidden SSID (where ssid_len < 0) it returns false and the IE is never
> built/appended.
> 
> Removing the SSID length check seems to fix this and I see the OWE
> transition element for the hidden OWE network. Attached is the patch to
> remove this length check.
> 
> Thanks,
> James