aboutsummaryrefslogtreecommitdiffstats
path: root/hostapd
diff options
context:
space:
mode:
authorJouni Malinen <jouni@qca.qualcomm.com>2017-08-14 18:07:09 (GMT)
committerJouni Malinen <j@w1.fi>2017-08-14 18:07:09 (GMT)
commitae048257cb78c18b8296ad966314af79c6c0b471 (patch)
tree91ebbfd8890d546bf3d60932e988bee80f823a48 /hostapd
parent2bdbace634ff76c0ed4302bed3ff199557fc7ef2 (diff)
downloadhostap-ae048257cb78c18b8296ad966314af79c6c0b471.zip
hostap-ae048257cb78c18b8296ad966314af79c6c0b471.tar.gz
hostap-ae048257cb78c18b8296ad966314af79c6c0b471.tar.bz2
WPS: Interpret zero length ap_pin hostapd.conf parameter as "unset"
hostapd allows arbitrary AP PIN to be used in WPS. This means that setting ap_pin to a zero length string ends up enabling AP PIN so that external registrars can use this specific zero lenth ap_pin value. There are apparently some APs that have used this invalid configuration with unintended results. While the proper fix for that is to fix the component that generates the invalid configuration, hostapd can also reject such values since the likelihood of a real world use case for zero length AP PIN (Device Password) is minimal. Start interpreting zero length ap_pin parameter value as a request to "unset" the previously set value in hostapd.conf (or if not previously set, leave it unset). With this, a hostapd.conf file including the "ap_pin=" line will end up getting interpretted just like that same file with the ap_pin parameter completely removed, i.e., with AP PIN being disabled. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Diffstat (limited to 'hostapd')
-rw-r--r--hostapd/config_file.c5
1 files changed, 4 insertions, 1 deletions
diff --git a/hostapd/config_file.c b/hostapd/config_file.c
index a398bb1..cc799d4 100644
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -3147,7 +3147,10 @@ static int hostapd_config_fill(struct hostapd_config *conf,
}
} else if (os_strcmp(buf, "ap_pin") == 0) {
os_free(bss->ap_pin);
- bss->ap_pin = os_strdup(pos);
+ if (*pos == '\0')
+ bss->ap_pin = NULL;
+ else
+ bss->ap_pin = os_strdup(pos);
} else if (os_strcmp(buf, "skip_cred_build") == 0) {
bss->skip_cred_build = atoi(pos);
} else if (os_strcmp(buf, "extra_cred") == 0) {