path: root/wpa_supplicant
diff options
authorLior David <qca_liord@qca.qualcomm.com>2017-09-28 18:55:09 (GMT)
committerJouni Malinen <j@w1.fi>2017-10-03 16:19:01 (GMT)
commitfa4b605a0d1dcbd32a5038d61b90b8efd1ec7645 (patch)
tree1fc9ce6613b49fe7a451d2223ba1c8dae4656d48 /wpa_supplicant
parent002b49ed074e06ffdb6c7800e4976996ef069d67 (diff)
WPS: Do not increment wildcard_uuid when pin is locked
Commit 84751b98c151f70c322b6b7f70d967400e147852 ('WPS: Allow wildcard UUID PIN to be used twice') relaxed the constraints on how many time a wildcard PIN can be used to allow two attempts. However, it did this in a way that could result in concurrent attempts resulting in the wildcard PIN being invalidated even without the second attempt actually going as far as trying to use the PIN and a WPS protocol run. wildcard_uuid is a flag/counter set for wildcard PINs and it is incremented whenever the PIN is retrieved by wps_registrar_get_pin(). Eventually it causes the wildcard PIN to be released, effectively limiting the number of registration attempts with a wildcard PIN. With the previous implementation, when the PIN is in use and locked (PIN_LOCKED), it is not returned from wps_registrar_get_pin() but wildcard_uuid is still incremented which can cause the PIN to be released earlier and stations will have fewer registration attempts with it. Fix this scenario by only incrementing wildcard_uuid if the PIN is actually going to be returned and used. Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>
Diffstat (limited to 'wpa_supplicant')
0 files changed, 0 insertions, 0 deletions