| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
(cherry picked from commit d94d4bafbb43699d323d6f6e3e404000b3f0a7b4)
|
|
|
|
|
|
|
|
| |
I tried PBC with the hostapd registrar.
I pushed the button with "hostap_cli WPS_PBC".
But hostapd registrar always sends Selected Registrar Config Methods
attribute=0x0000 in beacon/probe response.
(cherry picked from commit 363a9e2434c00e06b76d1ec1add434a4a8fd970f)
|
|
|
|
|
|
| |
In theory, the ifname could be IFNAMSIZ characters long and there would
not be room for null termination.
(cherry picked from commit a3bfd14de1b9e7a89c0b610b0368d2dd7568d315)
|
|
|
|
|
| |
No point in adding extra "event_" to the name.
(cherry picked from commit d0184cb25c30a123bb73492f894840f879764164)
|
|
|
|
|
|
|
| |
Allow more than one pending PutWLANMessage data to be stored (M2/M2D
from multiple external Registrars) and drop pending M2/M2D messages when
the Enrollee replies with M3.
(cherry picked from commit 915c1ba3c575c32b9d31453b1a55b1a966f622bd)
|
|
|
|
|
|
| |
This makes it much easier to debug operations with multiple external
Registrars.
(cherry picked from commit 745f8b664d96cbe27539668a3655bd416e3c964f)
|
|
|
|
|
|
|
|
| |
Version attribute processing details are not described in the WPS spec,
but it is safer to allow minor version to change and only refuse to
process the message if major version is different from ours. This
matches with the behavior used in the Intel reference implementation.
(cherry picked from commit b93b6004e43931c189ce867613ba4237fb7ade2c)
|
|
|
|
| |
(cherry picked from commit f65cbff3a337888cd11a6fc1748709172c98b744)
|
|
|
|
| |
(cherry picked from commit fda90ab4b73b19d4638e8b7cd4c90458e51f9e3e)
|
|
|
|
|
|
|
| |
It looks like we don't set correspondent Device Password ID attribute in
M2 message during PBC registration. Without it TG185n STA was not able
to connect to our AP in PBC mode. Attached patch fixes this.
(cherry picked from commit 25e31cccbe55c2b87d7496326f834e0d0cc0b23d)
|
|
|
|
| |
(cherry picked from commit e80e5163f8b53f20f816f0d06d618f54ce3d79aa)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds mostly feature complete external Registrar support with the
main missing part being proper support for multiple external Registrars
working at the same time and processing of concurrent registrations when
using an external Registrar.
This code is based on Sony/Saice implementation
(https://www.saice-wpsnfc.bz/) and the changes made by Ted Merrill
(Atheros) to make it more suitable for hostapd design and embedded
systems. Some of the UPnP code is based on Intel's libupnp. Copyrights
and licensing are explained in src/wps/wps_upnp.c in more detail.
(cherry picked from commit f620268f13dd26c3a3f4ef5509d7d17c0f322a7d)
|
|
|
|
|
|
|
|
| |
We must not replace M1 with M2D as the last_msg since we need M1 to
validate a possible M2 after M2D. Since M2D and ACK/NACK replies do not
include Authenticator attribute, we can just ignore M2D as far as
updating last_msg is concerned.
(cherry picked from commit 39034ce80f45110f0311aa80ca9dd62d2083ed76)
|
|
|
|
|
|
|
| |
External Registrar in Vista may include NULL termination in the Network
Key when encoding an ASCII passphrase for WPA/WPA2-PSK. As a workaround,
remove this extra octet if present.
(cherry picked from commit 1a5a04c3de054dab90d0604256e540778ddbf099)
|
|
|
|
|
|
|
| |
If a Registrar tries to configure the AP, but fails to validate the
device password (AP PIN), lock the AP setup after four failures. This
protects the AP PIN against brute force guessing attacks.
(cherry picked from commit 3b2cf800afaaf4eec53a237541ec08bebc4c1a0c)
|
|
|
|
|
|
|
| |
This optional configuration parameter can be used to override AP
Settings attributes in M7 similarly to extra_cred option for Credential
attribute(s) in M8.
(cherry picked from commit 4c29cae9320ccc6675b59f41dddf652b997fdc71)
|
|
|
|
|
|
|
|
|
|
|
| |
WPS spec is not very specific on the presentation used for the DH
values. The Public Key attribute is described to be 192 octets long, so
that could be interpreted to imply that other places use fixed length
presentation for the DH keys. Change the DH derivation to use fixed
length bufferd by zero padding them from beginning if needed. This can
resolve infrequent (about 1/256 chance for both Public Key and Shared
Key being shorter) interop issues.
(cherry picked from commit b3ddab21223455c147bb18334745eddc5773b487)
|
|
|
|
|
|
|
|
|
|
| |
This is needed to allow external Registrar (at least the implementation
in Windows Vista) to configure the Enrollee.
With this patch and my previous patch (for wps.c) , I could pass "Wi-Fi
WPS Test Plan Version 1.0 [5.1.4. Add to AP using PIN Config method and
PASS PHRASE through wired external registrar]".
(cherry picked from commit 96fa129da9f742e76fe0bf9febfeb0ba3042b5c5)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I can't pass the "Wi-Fi WPS Test Plan Version 1.0 [5.1.4. Add to AP
using PIN Config method and PASS PHRASE through wired external
registrar]". The wpa_supplicant-0.6.7 can't recoginize the testbed
AP(BCM94704AGRRev-E.2.4) as WPS PIN AP. Because after PIN entered, the
AP sends Selected Registrar attribute=0 and not send Device Password ID
attribute.
The proposed change as-is removed validation of Selected Registrar
attribute completely. However, that part is not included in this commit
since it can cause problems for environments with multiple WPS-enabled
APs. Another workaround for this will be considered in wpa_supplicant
scanning process (e.g., start trying to use WPS with APs that do not set
Selected Registrar to TRUE after couple of scan runs that do not find
any APs with Selected Registrar TRUE).
(cherry picked from commit e29bcf9eab020e4bd9aae87a7b9602264d228f49)
|
|
|
|
|
|
|
|
|
|
| |
This operation can now be moved into an external program by configuring
hostapd with wps_cred_processing=1 and skip_cred_build=1. A new
ctrl_iface message (WPS-REG-SUCCESS <Enrollee MAC addr> <UUID-E>) will
be used to notify external programs of each successful registration and
that can be used as a tricker to move from unconfigured to configured
state.
(cherry picked from commit aabe26a136459ca8d6e0926a0bcd85835ddafc9a)
|
|
|
|
|
|
| |
WPS spec is not very clear on which MAC address is used here, but BSSID
makes more sense than Enrollee MAC address.
(cherry picked from commit 05bf32cc8763761248144fe476c6e8894f3aa1df)
|
|
|
|
|
|
|
| |
This makes it easier to pass the credential data to external programs
(e.g., Network Manager) for processing. The actual use of this data is
not yet included in hostapd/wpa_supplicant.
(cherry picked from commit eca6e0a9a586b999ff9a51315cd741650997366f)
|
|
|
|
| |
(cherry picked from commit 655e4666005a2054d4c20ea6f18b88b99c7b9b9b)
|
|
|
|
| |
(cherry picked from commit 6fa68a0ee550c6659ff426290ecdee4d425155b1)
|
| |
|
| |
|
|
|
|
|
| |
wps_context::registrar can be used as the only location for this
pointer.
|
|
|
|
|
| |
wps_context::ap is available for this purpose and there is no need to
change between AP and not AP between protocol runs.
|
| |
|
| |
|
|
|
|
|
| |
No need to configure these separately for each Enrollee in wps_config
since wps_context is now used both for Registrar and Enrollee.
|
|
|
|
|
|
|
| |
Some deployed WPS implementations fail to parse zero-length attributes.
As a workaround, send a null character if the device attribute string is
empty. This allows default values (empty strings) to be used without
interop issues.
|
|
|
|
|
|
|
|
| |
Before this change, it looked like an AP that was using wsccmd did not
get activated since wsccmd left the Selected Registrar Config Methods
attribute to be zero. Since Device Password ID can be used to
distinguish PBC from any other method, use only it to figure out whether
PBC or PIN method is active.
|
| |
|
|
|
|
|
|
| |
This callback is now used to stop wpa_supplicant from trying to continue
using parameters (most likely, device password) that do not work in a
loop. In addition, wpa_gui can now notify user of failed registration.
|
|
|
|
|
|
| |
The event callback will be used for various event messages and the M2D
notification is the first such message. It is used to notify wpa_gui
about Registrar not yet knowing the device password (PIN).
|
|
|
|
|
|
| |
Instead of sending out EAP-Failure on errors (on AP) or stopping (on
Supplicant), send a NACK message based on the allowed EAP state machine
transitions for EAP-WSC.
|
| |
|
|
|
|
|
|
|
| |
Since the Registrar may not yet know the UUID-E when a new PIN is
entered, use of a wildcard PIN that works with any UUID-E can be useful.
Such a PIN will be bound to the first Enrollee trying to use it and it
will be invalidated after the first use.
|
| |
|
|
|
|
|
|
|
|
| |
Fragment WPS IE if needed to fit into the IE length limits in hostapd
and Reassemble WPS IE data from multiple IEs in wpa_supplicant.
In addition, moved WPS code from events.c into wps_supplicant.c to clean
up module interfaces.
|
| |
|
| |
|
|
|
|
|
|
| |
These functions fit in better with the category of functions included in
wps.c. wps_common.c is now used for generic helper functions (currently,
only crypto code).
|
|
|
|
|
| |
To make it easier to find various functions, attribute functions were
split into wps_attr_{build,parse,process}.c.
|
|
|
|
| |
This allows the RF Bands attribute to be configured and stored.
|
|
|
|
|
| |
This code and the related attributes are not specific to Enrollee
functionality, so wps_common.c is the correct location for them.
|
|
|
|
|
| |
Use configured device data instead of hardcoded values to generate WPS
IE for Probe Request.
|
|
|
|
|
|
|
| |
WPS IE is now passed from hostapd association processing into EAP-WSC
and WPS processing. Request Type attribute is parsed from this
information and if the request is for a WLAN Manager Registrar,
additional management keys are derived (to be used with UPnP).
|
| |
|