wpa_supplicant: Add BTM security checks

components/wpa_supplicant/src/common/scan.c

@@ -36,6 +36,10 @@ void wpa_supplicant_req_scan(struct wpa_supplicant *wpa_s, int sec, int usec)
 		wpa_dbg(wpa_s, MSG_DEBUG, "Already scanning - Return");
 		return;
 	}
+	if (!wpa_s->current_bss) {
+		wpa_dbg(wpa_s, MSG_INFO, "Current BSS is null - Return");
+		return;
+	}
 	params = os_zalloc(sizeof(*params));
 
 	if (!params) {

components/wpa_supplicant/src/common/wnm_sta.c

@@ -308,12 +308,15 @@ bool wpa_scan_res_match(struct wpa_supplicant *wpa_s,
 		return false;
 	}
 
-	/* TODO security Match */
+	/* Just check for Open/secure mode */
+	if ((current_bss->caps & WLAN_CAPABILITY_PRIVACY) != (target_bss->caps & WLAN_CAPABILITY_PRIVACY)) {
+		wpa_printf(MSG_DEBUG, "WNM: Security didn't match");
+		return false;
+	}
 
 	return true;
 }
 
-
 static struct wpa_bss *
 compare_scan_neighbor_results(struct wpa_supplicant *wpa_s, os_time_t age_secs,
 			      enum mbo_transition_reject_reason *reason)