atheros: Accept Public Action frames sent to Wildcard BSSID

Previously, the check for mgmt->bssid matching own address (= BSSID)
ended up rejecting the case where Public Action frames are using
Wildcard BSSID in the Address 3 field. This could result in GAS queries
being dropped. Fix this by allowing both the own address (= AP BSSID)
and Wildcard BSSID in Action frame Address 3 field.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

diff --git a/src/drivers/driver_atheros.c b/src/drivers/driver_atheros.c
index ba3cad0..a88345f 100644 (file)
--- a/src/drivers/driver_atheros.c
+++ b/src/drivers/driver_atheros.c
@@ -868,6 +868,16 @@ static void atheros_raw_receive(void *ctx, const u8 *src_addr, const u8 *buf,
                return;
        }
 
+       if (stype == WLAN_FC_STYPE_ACTION &&
+           (os_memcmp(drv->own_addr, mgmt->bssid, ETH_ALEN) == 0 ||
+            is_broadcast_ether_addr(mgmt->bssid))) {
+               os_memset(&event, 0, sizeof(event));
+               event.rx_mgmt.frame = buf;
+               event.rx_mgmt.frame_len = len;
+               wpa_supplicant_event(drv->hapd, EVENT_RX_MGMT, &event);
+               return;
+       }
+
        if (os_memcmp(drv->own_addr, mgmt->bssid, ETH_ALEN) != 0) {
                wpa_printf(MSG_DEBUG, "%s: BSSID does not match - ignore",
                           __func__);
@@ -889,12 +899,6 @@ static void atheros_raw_receive(void *ctx, const u8 *src_addr, const u8 *buf,
                iebuf = mgmt->u.reassoc_req.variable;
                drv_event_assoc(drv->hapd, mgmt->sa, iebuf, ielen, 1);
                break;
-       case WLAN_FC_STYPE_ACTION:
-               os_memset(&event, 0, sizeof(event));
-               event.rx_mgmt.frame = buf;
-               event.rx_mgmt.frame_len = len;
-               wpa_supplicant_event(drv->hapd, EVENT_RX_MGMT, &event);
-               break;
        case WLAN_FC_STYPE_AUTH:
                if (len < IEEE80211_HDRLEN + sizeof(mgmt->u.auth))
                        break;