[PATCH] Handling RSN Overriding for MLO connection

[Roman Stolz]

On main branch, commit 2a98e6b981fb3f

Just by review I found a RSNO issue which does not comply with the WPA3 Specification 3.5. By my understanding.
Rem.: I have no test devices to check this in real.

In detail:
According to WPA3 v3.5, chapter 14.2. a station, which will establish a multi-link connection, should observe the RSNOE#2 element for the security settings. In case it's not defined, there is no explicit behaviour defined how to proceed with processing the RSN(O)E. This means, from my understanding, the default behaviour should apply. First RSNO#2, second RSNO#1 and least RSNE. This is not reflected by the code. There is an immediate fallback from RSNO#2 to the RSNE.

If my understanding is correct, I would suggest the following patch:
---
wpa_supplicant/bss.c | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)

diff --git a/wpa_supplicant/bss.c b/wpa_supplicant/bss.c
index 2cd9cc8c7..cb41f4a9a 100644
--- a/wpa_supplicant/bss.c
+++ b/wpa_supplicant/bss.c
@@ -2407,12 +2407,9 @@ const u8 * wpa_bss_get_rsne(struct wpa_supplicant *wpa_s,
 			return ie;
 		}
 
-		if (!mlo) {
-			ie = wpa_bss_get_vendor_ie(
-				bss, RSNE_OVERRIDE_IE_VENDOR_TYPE);
-			if (ie && wpa_bss_supported_rsne(wpa_s, ssid, ie))
-				return ie;
-		}
+		ie = wpa_bss_get_vendor_ie(bss, RSNE_OVERRIDE_IE_VENDOR_TYPE);
+		if (ie && wpa_bss_supported_rsne(wpa_s, ssid, ie))
+			return ie;
 	}
 #endif /* CONFIG_NO_WPA */
---

Regards,
Roman Stolz