aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2009-11-01 19:59:30 (GMT)
committerJouni Malinen <j@w1.fi>2009-11-25 23:03:58 (GMT)
commitbc71535ddfd8dc8946655cbbc3c0e1c18d6b4d09 (patch)
treec0b026d79782ba40918724e78ed837cb2342a0ea
parent0bb7739cc8a7fbb967ca84da1f8ac0e3cf6c255e (diff)
downloadhostap-06-bc71535ddfd8dc8946655cbbc3c0e1c18d6b4d09.zip
hostap-06-bc71535ddfd8dc8946655cbbc3c0e1c18d6b4d09.tar.gz
hostap-06-bc71535ddfd8dc8946655cbbc3c0e1c18d6b4d09.tar.bz2
WPS: Abort ongoing PBC protocol run if session overlap is detected
If PBC session overlap is detected during an ongoing PBC protocol run, reject the run (if M8, i.e., credentials, have not yet been sent). This provides a bit longer monitoring time at the Registrar for PBC mode to catch some cases where two Enrollees in PBC mode try to enroll credentials at about the same time. (cherry picked from commit 2e7144451697738f55f2864cbc5d7116443fe6c8)
-rw-r--r--src/wps/wps_registrar.c36
1 files changed, 35 insertions, 1 deletions
diff --git a/src/wps/wps_registrar.c b/src/wps/wps_registrar.c
index edeb421..67b4620 100644
--- a/src/wps/wps_registrar.c
+++ b/src/wps/wps_registrar.c
@@ -103,6 +103,8 @@ struct wps_registrar {
int sel_reg_dev_password_id_override;
int sel_reg_config_methods_override;
int static_wep_only;
+
+ int force_pbc_overlap;
};
@@ -639,6 +641,7 @@ int wps_registrar_button_pushed(struct wps_registrar *reg)
return -1;
}
wpa_printf(MSG_DEBUG, "WPS: Button pushed - PBC mode started");
+ reg->force_pbc_overlap = 0;
reg->selected_registrar = 1;
reg->pbc = 1;
wps_set_ie(reg);
@@ -708,6 +711,11 @@ void wps_registrar_probe_req_rx(struct wps_registrar *reg, const u8 *addr,
MACSTR, MAC2STR(addr));
wps_registrar_add_pbc_session(reg, addr, attr.uuid_e);
+ if (wps_registrar_pbc_overlap(reg, addr, attr.uuid_e)) {
+ wpa_printf(MSG_DEBUG, "WPS: PBC session overlap detected");
+ reg->force_pbc_overlap = 1;
+ wps_pbc_overlap_event(reg->wps);
+ }
}
@@ -1928,13 +1936,15 @@ static enum wps_process_res wps_process_m1(struct wps_data *wps,
}
if (wps->dev_pw_id == DEV_PW_PUSHBUTTON) {
- if (wps_registrar_pbc_overlap(wps->wps->registrar,
+ if (wps->wps->registrar->force_pbc_overlap ||
+ wps_registrar_pbc_overlap(wps->wps->registrar,
wps->mac_addr_e, wps->uuid_e)) {
wpa_printf(MSG_DEBUG, "WPS: PBC overlap - deny PBC "
"negotiation");
wps->state = SEND_M2D;
wps->config_error = WPS_CFG_MULTIPLE_PBC_DETECTED;
wps_pbc_overlap_event(wps->wps);
+ wps->wps->registrar->force_pbc_overlap = 1;
return WPS_CONTINUE;
}
wps_registrar_add_pbc_session(wps->wps->registrar,
@@ -1960,6 +1970,14 @@ static enum wps_process_res wps_process_m3(struct wps_data *wps,
return WPS_CONTINUE;
}
+ if (wps->pbc && wps->wps->registrar->force_pbc_overlap) {
+ wpa_printf(MSG_DEBUG, "WPS: Reject negotiation due to PBC "
+ "session overlap");
+ wps->state = SEND_WSC_NACK;
+ wps->config_error = WPS_CFG_MULTIPLE_PBC_DETECTED;
+ return WPS_CONTINUE;
+ }
+
if (wps_process_registrar_nonce(wps, attr->registrar_nonce) ||
wps_process_authenticator(wps, attr->authenticator, msg) ||
wps_process_e_hash1(wps, attr->e_hash1) ||
@@ -1989,6 +2007,14 @@ static enum wps_process_res wps_process_m5(struct wps_data *wps,
return WPS_CONTINUE;
}
+ if (wps->pbc && wps->wps->registrar->force_pbc_overlap) {
+ wpa_printf(MSG_DEBUG, "WPS: Reject negotiation due to PBC "
+ "session overlap");
+ wps->state = SEND_WSC_NACK;
+ wps->config_error = WPS_CFG_MULTIPLE_PBC_DETECTED;
+ return WPS_CONTINUE;
+ }
+
if (wps_process_registrar_nonce(wps, attr->registrar_nonce) ||
wps_process_authenticator(wps, attr->authenticator, msg)) {
wps->state = SEND_WSC_NACK;
@@ -2088,6 +2114,14 @@ static enum wps_process_res wps_process_m7(struct wps_data *wps,
return WPS_CONTINUE;
}
+ if (wps->pbc && wps->wps->registrar->force_pbc_overlap) {
+ wpa_printf(MSG_DEBUG, "WPS: Reject negotiation due to PBC "
+ "session overlap");
+ wps->state = SEND_WSC_NACK;
+ wps->config_error = WPS_CFG_MULTIPLE_PBC_DETECTED;
+ return WPS_CONTINUE;
+ }
+
if (wps_process_registrar_nonce(wps, attr->registrar_nonce) ||
wps_process_authenticator(wps, attr->authenticator, msg)) {
wps->state = SEND_WSC_NACK;