[PATCH 1/1] hostapd: Allow roam from OWE transition to OWE only AP
Jithu Jance (Syna)
jithu.jance at broadcom.com
Wed Jun 25 17:30:57 PDT 2025
Hi Jouni,
Gentle reminder.
This patch is for a scenario where a user roams from OWE transition
mode AP to OWE only AP with both APs having the same SSID for OWE BSS.
Since the current_ssid profile holds open BSS SSID and drv_ssid holds
OWE BSS SSID, the below condition check doesn't satisfy.
The OWE BSS SSID information is only part of previous bss and hence
we referred to the current_bss of previous AP to confirm SSID remains
the same.
Please advise whether the approach attempted is fine or not. Does it
make sense to store the owe BSS ssid also in the current_ssid
structure for comparison?
```
if (drv_ssid_len == wpa_s->current_ssid->ssid_len &&
os_memcmp(drv_ssid, wpa_s->current_ssid->ssid,
drv_ssid_len) == 0)
return 0; /* current profile still in use */
```
Jithu Jance
Jithu Jance
On Wed, Jun 25, 2025 at 2:33 PM Jithu Jance (Syna)
<jithu.jance at broadcom.com> wrote:
>
> Hi Jouni,
>
> Gentle reminder.
>
> This patch is for a scenario where a user roams from OWE transition mode AP to OWE only AP with both APs having the same SSID for OWE BSS.
> Since the current_ssid profile holds open BSS SSID and drv_ssid holds OWE BSS SSID, the below condition check doesn't satisfy.
> The OWE BSS SSID information is only part of previous bss and hence we referred to the current_bss of previous AP to confirm SSID remains the same.
> Please advise whether the approach attempted is fine or not. Does it make sense to store the owe BSS ssid also in the current_ssid structure for comparison?
>
> ```
> if (drv_ssid_len == wpa_s->current_ssid->ssid_len &&
> os_memcmp(drv_ssid, wpa_s->current_ssid->ssid,
> drv_ssid_len) == 0)
> return 0; /* current profile still in use */
> ```
>
>
>
> Jithu Jance
>
>
> On Wed, Apr 16, 2025 at 10:01 AM Vinayak Yadawad <vinayak.yadawad at broadcom.com> wrote:
>>
>> Hi Jouni,
>>
>> Could you please review our update and provide any suggestions.
>>
>> Regards,
>> Vinayak
>>
>>
>> On Thu, Jan 2, 2025 at 2:28 PM Vinayak Yadawad
>> <vinayak.yadawad at broadcom.com> wrote:
>> >
>> > Hi Jouni,
>> >
>> > The scenario is of multiple APs containing both OWE-transition and OWE
>> > only mode APs in same network. The OWE BSS of transition mode and OWE
>> > only AP
>> > is configured with same SSID and roam is attempted between them.
>> > Initially the STA is connected to OWE-transition AP in OWE mode.
>> > For e.g: open mode SSID is "SSID_open" and transition mode SSID is
>> > "SSID1_owe". Now when a roam is triggered to an OWE-only AP with name
>> > "SSID1_owe", the SSID comparison fails as ssid profile stores open BSS
>> > SSID (SSID_open). The roam fails with error "No network configuration
>> > found for the current AP".
>> > So the current change would help to compare the previous connection
>> > SSID instead of conf->SSID.
>> >
>> > Logs for roam failure from OWE-transition to OWE-only AP:
>> > 689.959 2125 2125 D wpa_supplicant: wlan0: Associated to a new
>> > BSS: BSSID=00:90:4c:4c:84:99
>> > 689.959 2125 2125 D wpa_supplicant: wlan0: Driver-initiated BSS
>> > selection changed the SSID to G3_Tb_58_AP_ROAM_2G_6_19_owe
>> > 689.959 2125 2125 D wpa_supplicant: wlan0: Select network based
>> > on association information
>> > 689.959 2125 2125 I wpa_supplicant: wlan0: No network
>> > configuration found for the current AP
>> > 689.959 2125 2125 D wpa_supplicant: wlan0: Request to
>> > deauthenticate - bssid=00:90:4c:4c:84:99
>> > pending_bssid=00:00:00:00:00:00 reason=3 (DEAUTH_LEAVING)
>> > state=ASSOCIATED valid_links=0x0 ap_mld_addr=00:00:00:00:00:00
>> > 689.959 2125 2125 D wpa_supplicant: TDLS: Tear down peers
>> > 689.959 2125 2125 D wpa_supplicant:
>> > wpa_driver_nl80211_disconnect(reason_code=3)
>> > 690.388 2125 2125 I wpa_supplicant: nl80211: send_event_marker
>> > failed: Source based routing not supported
>> > 690.388 2125 2125 D wpa_supplicant: wlan0: Event DEAUTH (11) received
>> > 690.388 2125 2125 D wpa_supplicant: wlan0: Deauthentication notification
>> > 690.388 2125 2125 D wpa_supplicant: wlan0: * reason 3
>> > (DEAUTH_LEAVING) locally_generated=1
>> > 690.388 2125 2125 D wpa_supplicant: Deauthentication frame IE(s)
>> > - hexdump(len=0): [NULL]
>> > 690.388 2125 2125 I wpa_supplicant: wlan0:
>> > CTRL-EVENT-DISCONNECTED bssid=00:90:4c:4c:84:99 reason=3
>> > locally_generated=1
>> >
>> > Regards,
>> > Vinayak
>> >
>> >
>> > On Fri, Dec 27, 2024 at 12:34 AM Jouni Malinen <j at w1.fi> wrote:
>> > >
>> > > On Fri, Dec 13, 2024 at 02:15:27PM +0530, Vinayak Yadawad wrote:
>> > > > Currently STA roam works fine in case of OWE only AP to
>> > > > OWE-transition mode AP. The roam fails when STA is connected
>> > > > in OWE mode with OWE transition AP to an OWE only AP. In the
>> > > > OWE transition case, the current_ssid stores only open network
>> > > > SSID, specific check is required to compare the OWE BSS ssid
>> > > > from the previous target and new target.
>> > >
>> > > The change in owe_trans_ssid() is a clear fix to a recent regression, so
>> > > I applied that separately. As far as the changes in
>> > > wpa_supplicant_select_config() are concerned, I'm not completely sure I
>> > > understood them since the comment about the added OWE transition mode AP
>> > > to OWE-only AP comparison of the SSID does not seem to match what I
>> > > would have expected from the actual memcmp(). The SSID of the previous
>> > > BSS (i.e., the transition mode AP) is a random value that does not match
>> > > the network profile whereas the SSID of the selected BSS (i.e., OWE-only
>> > > AP) is the SSID of the network profile. Those are different and as such,
>> > > the new memcmp() == 0 case would not be met..
>> > >
>> > > Would you be able to share a debug log showing what fails without this
>> > > patch?
>> > >
>> > > I did some cleanup while reviewing and trying to understand this and
>> > > this is what I came up with while still not fully understanding what
>> > > this trying to do:
>> > >
>> > > From: Vinayak Yadawad <vinayak.yadawad at broadcom.com>
>> > > Date: Fri, 13 Dec 2024 14:15:27 +0530
>> > > Subject: [PATCH] OWE: Allow roam from OWE transition mode AP to OWE-only AP
>> > >
>> > > Currently STA roam works fine in case of OWE only AP to
>> > > OWE-transition mode AP. The roam fails when STA is connected
>> > > in OWE mode with OWE transition AP to an OWE only AP. In the
>> > > OWE transition case, the current_ssid stores only open network
>> > > SSID, specific check is required to compare the OWE BSS ssid
>> > > from the previous target and new target.
>> > >
>> > > Signed-off-by: Vinayak Yadawad <vinayak.yadawad at broadcom.com>
>> > > ---
>> > > wpa_supplicant/events.c | 38 ++++++++++++++++++++++++++++++++------
>> > > 1 file changed, 32 insertions(+), 6 deletions(-)
>> > >
>> > > diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c
>> > > index 279838afa2bf..e7285fcb5cea 100644
>> > > --- a/wpa_supplicant/events.c
>> > > +++ b/wpa_supplicant/events.c
>> > > @@ -226,6 +226,15 @@ static int wpa_supplicant_select_config(struct wpa_supplicant *wpa_s,
>> > > int res;
>> > >
>> > > if (wpa_s->conf->ap_scan == 1 && wpa_s->current_ssid) {
>> > > +#ifdef CONFIG_OWE
>> > > + struct wpa_bss *prev_bss;
>> > > +
>> > > + /* Remember the current BSS entry before update to a new one to
>> > > + * allow appropriate comparison in OWE transition mode cases
>> > > + * below. */
>> > > + prev_bss = wpa_s->current_bss;
>> > > +#endif /* CONFIG_OWE */
>> > > +
>> > > wpa_supplicant_update_current_bss(wpa_s, wpa_s->bssid);
>> > >
>> > > if (wpa_s->current_ssid->ssid_len == 0)
>> > > @@ -245,12 +254,29 @@ static int wpa_supplicant_select_config(struct wpa_supplicant *wpa_s,
>> > >
>> > > #ifdef CONFIG_OWE
>> > > if ((wpa_s->current_ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
>> > > - wpa_s->current_bss &&
>> > > - (wpa_s->current_bss->flags & WPA_BSS_OWE_TRANSITION) &&
>> > > - drv_ssid_len == wpa_s->current_bss->ssid_len &&
>> > > - os_memcmp(drv_ssid, wpa_s->current_bss->ssid,
>> > > - drv_ssid_len) == 0)
>> > > - return 0; /* current profile still in use */
>> > > + wpa_s->current_bss) {
>> > > + /* Handle the case where the selected BSS uses OWE
>> > > + * transition mode */
>> > > + if ((wpa_s->current_bss->flags &
>> > > + WPA_BSS_OWE_TRANSITION) &&
>> > > + drv_ssid_len == wpa_s->current_bss->ssid_len &&
>> > > + os_memcmp(drv_ssid, wpa_s->current_bss->ssid,
>> > > + drv_ssid_len) == 0)
>> > > + return 0; /* current profile still in use */
>> > > +
>> > > + /* Handle the case where the selected BSS uses OWE-only
>> > > + * mode and the previous one uses OWE transition mode.
>> > > + * The connected SSID would be that of the OWE network
>> > > + * where as current_ssid stores the open network SSID.
>> > > + */
>> > > + if (prev_bss &&
>> > > + (prev_bss->flags & WPA_BSS_OWE_TRANSITION) &&
>> > > + (prev_bss->ssid_len ==
>> > > + wpa_s->current_bss->ssid_len) &&
>> > > + os_memcmp(prev_bss->ssid, wpa_s->current_bss->ssid,
>> > > + wpa_s->current_bss->ssid_len) == 0)
>> > > + return 0; /* current profile still in use */
>> > > + }
>> > > #endif /* CONFIG_OWE */
>> > >
>> > > wpa_msg(wpa_s, MSG_DEBUG,
>> > > --
>> > > 2.43.0
>> > >
>> > > --
>> > > Jouni Malinen PGP id EFC895FA
--
This electronic communication and the information and any files transmitted
with it, or attached to it, are confidential and are intended solely for
the use of the individual or entity to whom it is addressed and may contain
information that is confidential, legally privileged, protected by privacy
laws, or otherwise restricted from disclosure to anyone else. If you are
not the intended recipient or the person responsible for delivering the
e-mail to the intended recipient, you are hereby notified that any use,
copying, distributing, dissemination, forwarding, printing, or copying of
this e-mail is strictly prohibited. If you received this e-mail in error,
please return the e-mail to the sender, delete it from your computer, and
destroy any printed copy of it.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4193 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.infradead.org/pipermail/hostap/attachments/20250626/cd871734/attachment.p7s>
More information about the Hostap
mailing list