diff options
| author | Lior David <qca_liord@qca.qualcomm.com> | 2017-09-28 18:55:09 (GMT) |
|---|---|---|
| committer | Jouni Malinen <j@w1.fi> | 2017-10-03 16:19:01 (GMT) |
| commit | fa4b605a0d1dcbd32a5038d61b90b8efd1ec7645 (patch) | |
| tree | 1fc9ce6613b49fe7a451d2223ba1c8dae4656d48 /wpa_supplicant | |
| parent | 002b49ed074e06ffdb6c7800e4976996ef069d67 (diff) | |
| download | hostap-fa4b605a0d1dcbd32a5038d61b90b8efd1ec7645.zip hostap-fa4b605a0d1dcbd32a5038d61b90b8efd1ec7645.tar.gz hostap-fa4b605a0d1dcbd32a5038d61b90b8efd1ec7645.tar.bz2 | |
WPS: Do not increment wildcard_uuid when pin is locked
Commit 84751b98c151f70c322b6b7f70d967400e147852 ('WPS: Allow wildcard
UUID PIN to be used twice') relaxed the constraints on how many time a
wildcard PIN can be used to allow two attempts. However, it did this in
a way that could result in concurrent attempts resulting in the wildcard
PIN being invalidated even without the second attempt actually going as
far as trying to use the PIN and a WPS protocol run.
wildcard_uuid is a flag/counter set for wildcard PINs and it is
incremented whenever the PIN is retrieved by wps_registrar_get_pin().
Eventually it causes the wildcard PIN to be released, effectively
limiting the number of registration attempts with a wildcard PIN.
With the previous implementation, when the PIN is in use and locked
(PIN_LOCKED), it is not returned from wps_registrar_get_pin() but
wildcard_uuid is still incremented which can cause the PIN to be
released earlier and stations will have fewer registration attempts with
it. Fix this scenario by only incrementing wildcard_uuid if the PIN is
actually going to be returned and used.
Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>
Diffstat (limited to 'wpa_supplicant')
0 files changed, 0 insertions, 0 deletions