authorJouni Malinen <jouni@qca.qualcomm.com>2012-11-01 14:30:35 (GMT)
committerJouni Malinen <j@w1.fi>2012-11-01 14:30:35 (GMT)
commitb363121a208e3d18fe80682430a5f50cefaa3595 (patch)
treec200f4c61cbfb786d6d00b92abe65a0407ec4f38
parent8c9ad085e91688ed64812dd894b5e3a5fc536582 (diff)
WPS: Reject invalid credential more cleanly
If a WPS Registrar tries to provision a WPA/WPA2-Personal network without including a valid Network Key, the network block cannot be used to connect to the network. Reject such a credential without adding the network block. This makes wpa_supplicant send WSC_NACK as a response to the invalid Credential and stop the provisioning process immediately rather than only after trying unsuccessfully to connect to the network.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
-rw-r--r--src/wps/wps_enrollee.c5
-rw-r--r--wpa_supplicant/wps_supplicant.c9
2 files changed, 12 insertions, 2 deletions
diff --git a/src/wps/wps_enrollee.c b/src/wps/wps_enrollee.c
index 389aa84..a8beb64 100644
--- a/src/wps/wps_enrollee.c
+++ b/src/wps/wps_enrollee.c
@@ -665,6 +665,7 @@ static int wps_process_cred_e(struct wps_data *wps, const u8 *cred,
{
struct wps_parse_attr attr;
struct wpabuf msg;
+ int ret = 0;
wpa_printf(MSG_DEBUG, "WPS: Received Credential");
os_memset(&wps->cred, 0, sizeof(wps->cred));
@@ -714,12 +715,12 @@ static int wps_process_cred_e(struct wps_data *wps, const u8 *cred,
if (wps->wps->cred_cb) {
wps->cred.cred_attr = cred - 4;
wps->cred.cred_attr_len = cred_len + 4;
- wps->wps->cred_cb(wps->wps->cb_ctx, &wps->cred);
+ ret = wps->wps->cred_cb(wps->wps->cb_ctx, &wps->cred);
wps->cred.cred_attr = NULL;
wps->cred.cred_attr_len = 0;
}
- return 0;
+ return ret;
}
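Review bot: Propagating the result of `cred_cb` out of `wps_process_cred_e` makes every registered callback's return value decide whether provisioning continues, but nothing at the call site states that contract. A short comment above the call would make it explicit, for example `/* cred_cb: 0 = Credential accepted, non-zero = rejected (caller replies with WSC_NACK) */`. The callback's declaration and its other implementations are not visible in this hunk, so it is worth confirming that each of them returns 0 on success; one that returns some other value on the success path would now abort an otherwise valid exchange. The function body starts and continues outside the hunk.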
diff --git a/wpa_supplicant/wps_supplicant.c b/wpa_supplicant/wps_supplicant.c
index 41aa5db..ddd400b 100644
--- a/wpa_supplicant/wps_supplicant.c
+++ b/wpa_supplicant/wps_supplicant.c
@@ -256,6 +256,15 @@ static int wpa_supplicant_wps_cred(void *ctx,
return 0;
}
+ if (auth_type == WPS_AUTH_WPAPSK || auth_type == WPS_AUTH_WPA2PSK) {
+ if (cred->key_len < 8 || cred->key_len > 2 * PMK_LEN) {
+ wpa_printf(MSG_ERROR, "WPS: Reject PSK credential with "
+ "invalid Network Key length %lu",
+ (unsigned long) cred->key_len);
+ return -1;
+ }
+ }
+
if (ssid && (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
wpa_printf(MSG_DEBUG, "WPS: Replace WPS network block based "
"on the received credential");
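Review bot: The guard added in `wpa_supplicant_wps_cred` checks only the length of the Network Key, so a key of exactly `2 * PMK_LEN` characters that is not hexadecimal, or a shorter one containing non-printable bytes, still gets past it. If the key's content is validated further down in the function (not visible in this hunk), a rejection there would presumably come after the network block has already been replaced or added, which is the outcome this commit sets out to avoid; doing that content check next to the length check would close the gap. The bounds also deserve a comment, for example `/* 8..63 octets: passphrase; 2 * PMK_LEN: PSK as hex digits */`. Logging only the length, and never the key itself, is the right choice for the error message and should be kept.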