aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2010-08-24 13:42:26 (GMT)
committerJouni Malinen <j@w1.fi>2010-09-05 14:32:48 (GMT)
commit6dadf0b81921c313a805b022f1080038be0170a5 (patch)
tree9c4eec91be684fea4478fd314f86059ced9d2632
parentaa80fb188333f74329275b615b1ff0acd5b675b4 (diff)
downloadhostap-07-6dadf0b81921c313a805b022f1080038be0170a5.zip
hostap-07-6dadf0b81921c313a805b022f1080038be0170a5.tar.gz
hostap-07-6dadf0b81921c313a805b022f1080038be0170a5.tar.bz2
WPS: Optimize M2 processing in AP Setup Locked case
There is no need to process the public key and generate keys if the AP is going to reject this M2 anyway. This limits effect of potential CPU DoS attacks in cases where AP PIN is disabled. (cherry picked from commit ef546700e2da4ca3c518a879310f4a816480ee3c)
-rw-r--r--src/wps/wps_enrollee.c12
1 files changed, 8 insertions, 4 deletions
diff --git a/src/wps/wps_enrollee.c b/src/wps/wps_enrollee.c
index 68bc802..dff24d4 100644
--- a/src/wps/wps_enrollee.c
+++ b/src/wps/wps_enrollee.c
@@ -774,10 +774,7 @@ static enum wps_process_res wps_process_m2(struct wps_data *wps,
if (wps_process_registrar_nonce(wps, attr->registrar_nonce) ||
wps_process_enrollee_nonce(wps, attr->enrollee_nonce) ||
- wps_process_uuid_r(wps, attr->uuid_r) ||
- wps_process_pubkey(wps, attr->public_key, attr->public_key_len) ||
- wps_process_authenticator(wps, attr->authenticator, msg) ||
- wps_process_device_attrs(&wps->peer_dev, attr)) {
+ wps_process_uuid_r(wps, attr->uuid_r)) {
wps->state = SEND_WSC_NACK;
return WPS_CONTINUE;
}
@@ -791,6 +788,13 @@ static enum wps_process_res wps_process_m2(struct wps_data *wps,
return WPS_CONTINUE;
}
+ if (wps_process_pubkey(wps, attr->public_key, attr->public_key_len) ||
+ wps_process_authenticator(wps, attr->authenticator, msg) ||
+ wps_process_device_attrs(&wps->peer_dev, attr)) {
+ wps->state = SEND_WSC_NACK;
+ return WPS_CONTINUE;
+ }
+
wps->state = SEND_M3;
return WPS_CONTINUE;
}