authorJouni Malinen <j@w1.fi>2009-01-23 19:57:43 (GMT)
committerJouni Malinen <j@w1.fi>2009-02-08 10:19:22 (GMT)
commit63dd43ac94f4ae2513c17d9a9fbe9bd2b9510d27 (patch)
tree0d7d0c97d73629c60eb980e0299625add9813b28 /src
parente51609f083579fb3de4bfb9e6eb9a6f6f8256b51 (diff)
WPS: Lock AP Setup on multiple AP PIN validation failures
If a Registrar tries to configure the AP, but fails to validate the device password (AP PIN), lock the AP setup after four failures. This protects the AP PIN against brute force guessing attacks. (cherry picked from commit 3b2cf800afaaf4eec53a237541ec08bebc4c1a0c)
Diffstat (limited to 'src')
-rw-r--r--src/common/wpa_ctrl.h1
-rw-r--r--src/wps/wps.h13
-rw-r--r--src/wps/wps_common.c14
-rw-r--r--src/wps/wps_enrollee.c2
-rw-r--r--src/wps/wps_i.h1
-rw-r--r--src/wps/wps_registrar.c8
6 files changed, 38 insertions, 1 deletions
diff --git a/src/common/wpa_ctrl.h b/src/common/wpa_ctrl.h
index f7cad57..1bfc0d6 100644
--- a/src/common/wpa_ctrl.h
+++ b/src/common/wpa_ctrl.h
@@ -73,6 +73,7 @@ extern "C" {
#define WPS_EVENT_PIN_NEEDED "WPS-PIN-NEEDED "
#define WPS_EVENT_NEW_AP_SETTINGS "WPS-NEW-AP-SETTINGS "
#define WPS_EVENT_REG_SUCCESS "WPS-REG-SUCCESS "
+#define WPS_EVENT_AP_SETUP_LOCKED "WPS-AP-SETUP-LOCKED "
/* wpa_supplicant/hostapd control interface access */
diff --git a/src/wps/wps.h b/src/wps/wps.h
index 7524acb..e18adab 100644
--- a/src/wps/wps.h
+++ b/src/wps/wps.h
@@ -278,7 +278,12 @@ enum wps_event {
/**
* WPS_EV_SUCCESS - Registration succeeded
*/
- WPS_EV_SUCCESS
+ WPS_EV_SUCCESS,
+
+ /**
+ * WPS_EV_PWD_AUTH_FAIL - Password authentication failed
+ */
+ WPS_EV_PWD_AUTH_FAIL
};
/**
@@ -312,6 +317,11 @@ union wps_event_data {
struct wps_event_fail {
int msg;
} fail;
+
+ struct wps_event_pwd_auth_fail {
+ int enrollee;
+ int part;
+ } pwd_auth_fail;
};
/**
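Review bot: The two fields of `struct wps_event_pwd_auth_fail` carry no comment, so their meaning can only be recovered from the call sites elsewhere in this commit. From those, `enrollee` is 1 in wps_enrollee.c and 0 in wps_registrar.c, and `part` is 1 for the Hash1 check and 2 for the Hash2 check. Whatever handler counts failures has to interpret both, so I would document them in place, e.g. `int enrollee; /* 1 = failure seen while acting as Enrollee, 0 = as Registrar */` and `int part; /* 1 = Hash1 check failed, 2 = Hash2 check failed */`.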
@@ -444,6 +454,7 @@ int wps_registrar_unlock_pin(struct wps_registrar *reg, const u8 *uuid);
int wps_registrar_button_pushed(struct wps_registrar *reg);
void wps_registrar_probe_req_rx(struct wps_registrar *reg, const u8 *addr,
const struct wpabuf *wps_data);
+int wps_registrar_update_ie(struct wps_registrar *reg);
unsigned int wps_pin_checksum(unsigned int pin);
unsigned int wps_pin_valid(unsigned int pin);
diff --git a/src/wps/wps_common.c b/src/wps/wps_common.c
index 050f043..48af303 100644
--- a/src/wps/wps_common.c
+++ b/src/wps/wps_common.c
@@ -321,3 +321,17 @@ void wps_success_event(struct wps_context *wps)
wps->event_cb(wps->cb_ctx, WPS_EV_SUCCESS, NULL);
}
+
+
+void wps_pwd_auth_fail_event(struct wps_context *wps, int enrollee, int part)
+{
+ union wps_event_data data;
+
+ if (wps->event_cb == NULL)
+ return;
+
+ os_memset(&data, 0, sizeof(data));
+ data.pwd_auth_fail.enrollee = enrollee;
+ data.pwd_auth_fail.part = part;
+ wps->event_cb(wps->cb_ctx, WPS_EV_PWD_AUTH_FAIL, &data);
+}
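Review bot: When `wps->event_cb` is NULL, `wps_pwd_auth_fail_event()` returns early and the failure never reaches any event consumer. The commit description ties this event to the AP Setup lock, but the counting code is not in this diff (the diffstat is limited to src), so presumably it lives behind the callback; in that case a configuration without a callback gets no lockout. I would state that at the early return, e.g. `/* no event callback: failure cannot be counted towards AP Setup Locked */`. The function also deserves a short header comment naming the `enrollee` and `part` arguments.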
diff --git a/src/wps/wps_enrollee.c b/src/wps/wps_enrollee.c
index dda8fc6..d02f1c0 100644
--- a/src/wps/wps_enrollee.c
+++ b/src/wps/wps_enrollee.c
@@ -580,6 +580,7 @@ static int wps_process_r_snonce1(struct wps_data *wps, const u8 *r_snonce1)
wpa_printf(MSG_DEBUG, "WPS: R-Hash1 derived from R-S1 does "
"not match with the pre-committed value");
wps->config_error = WPS_CFG_DEV_PASSWORD_AUTH_FAILURE;
+ wps_pwd_auth_fail_event(wps->wps, 1, 1);
return -1;
}
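Review bot: `wps_pwd_auth_fail_event(wps->wps, 1, 1)` passes two bare integers of the same type, and neither the role nor the part can be read off the call. The same applies to the `1, 2` call in wps_process_r_snonce2 and to the `0, 1` and `0, 2` calls in wps_registrar.c. A trailing comment such as `/* enrollee role, R-Hash1 */`, or named constants for role and part, would make a swapped argument much easier to spot in code that feeds a lockout decision. The body of wps_process_r_snonce1 starts outside this hunk.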
@@ -619,6 +620,7 @@ static int wps_process_r_snonce2(struct wps_data *wps, const u8 *r_snonce2)
wpa_printf(MSG_DEBUG, "WPS: R-Hash2 derived from R-S2 does "
"not match with the pre-committed value");
wps->config_error = WPS_CFG_DEV_PASSWORD_AUTH_FAILURE;
+ wps_pwd_auth_fail_event(wps->wps, 1, 2);
return -1;
}
diff --git a/src/wps/wps_i.h b/src/wps/wps_i.h
index da7f769..7221af3 100644
--- a/src/wps/wps_i.h
+++ b/src/wps/wps_i.h
@@ -187,6 +187,7 @@ struct wpabuf * wps_decrypt_encr_settings(struct wps_data *wps, const u8 *encr,
size_t encr_len);
void wps_fail_event(struct wps_context *wps, enum wps_msg_type msg);
void wps_success_event(struct wps_context *wps);
+void wps_pwd_auth_fail_event(struct wps_context *wps, int enrollee, int part);
/* wps_attr_parse.c */
int wps_parse_msg(const struct wpabuf *msg, struct wps_parse_attr *attr);
diff --git a/src/wps/wps_registrar.c b/src/wps/wps_registrar.c
index 7ddd649..8ef982b 100644
--- a/src/wps/wps_registrar.c
+++ b/src/wps/wps_registrar.c
@@ -1477,6 +1477,7 @@ static int wps_process_e_snonce1(struct wps_data *wps, const u8 *e_snonce1)
wpa_printf(MSG_DEBUG, "WPS: E-Hash1 derived from E-S1 does "
"not match with the pre-committed value");
wps->config_error = WPS_CFG_DEV_PASSWORD_AUTH_FAILURE;
+ wps_pwd_auth_fail_event(wps->wps, 0, 1);
return -1;
}
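Review bot: In wps_process_e_snonce1 the visible failure path sets `config_error` and reports the event, but the context lines show no `wps_registrar_invalidate_pin()` call, whereas the E-Hash2 path in the next hunk has one. The function starts outside the hunk, so the call may sit earlier. If the difference is intentional, a comment here should say why, e.g. `/* PIN is not invalidated on an E-Hash1 mismatch because ... */`. Either way, the consumer of `WPS_EV_PWD_AUTH_FAIL` should count `part == 1` failures with the same weight as `part == 2`, which would be worth noting next to this call.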
@@ -1517,6 +1518,7 @@ static int wps_process_e_snonce2(struct wps_data *wps, const u8 *e_snonce2)
"not match with the pre-committed value");
wps_registrar_invalidate_pin(wps->wps->registrar, wps->uuid_e);
wps->config_error = WPS_CFG_DEV_PASSWORD_AUTH_FAILURE;
+ wps_pwd_auth_fail_event(wps->wps, 0, 2);
return -1;
}
@@ -2219,3 +2221,9 @@ enum wps_process_res wps_registrar_process_msg(struct wps_data *wps,
return WPS_FAILURE;
}
}
+
+
+int wps_registrar_update_ie(struct wps_registrar *reg)
+{
+ return wps_set_ie(reg);
+}
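Review bot: `wps_registrar_update_ie()` is a new exported function with no header comment, so nothing says when to call it or what the return value means. It only forwards to `wps_set_ie(reg)`, so presumably it lets code outside wps_registrar.c refresh the WPS IEs after state such as AP Setup Locked changes; that is inferred from the commit description, not visible in this diff. I would add a `/** name - summary */` block in the style visible in wps.h. It should document `reg` as a registrar context that must be non-NULL (unless wps_set_ie checks it) and the return value as that of wps_set_ie.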