mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2025-01-18 02:44:03 -05:00
WPS: Ignore other APs if PBC is used with a specific BSSID
While the WSC specification requires the Enrollee to stop PBC provisioning if the scan sees multiple APs in active PBC mode, this is problematic due to some deployed devices continuing to advertise PBC mode for extended duration (or even permanently). Such an environment will still need to prevent wildcard AP selection with PBC since an incorrect device could be selected. However, if the Enrollee device has been explicitly requested to connect to a specific AP based on its BSSID, the other APs in scan results can be ignored without affecting which AP would be selected (only the one matching the specified BSSID is acceptable). Start filtering scan results for PBC session overlap check based on the locally specified constraint on the BSSID, if one is set. This allows PBC to be used with "WPS_PBC <BSSID>" command in environment where another AP device is claiming to be in active PBC mode while "WPS_PBC" command will still continue to reject provisioning since the correct AP cannot be selected. This will also cover the P2P cases where P2P_CONNECT is used to start or authorize GO Negotiation and joining-a-GO with a specific P2P GO Interface Address (BSSID). Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
parent
f1d3856090
commit
3fadb1dcc0
@ -1829,6 +1829,10 @@ int wpas_wps_scan_pbc_overlap(struct wpa_supplicant *wpa_s,
|
||||
wpa_printf(MSG_DEBUG, "WPS: Check whether PBC session overlap is "
|
||||
"present in scan results; selected BSSID " MACSTR,
|
||||
MAC2STR(selected->bssid));
|
||||
if (!is_zero_ether_addr(ssid->bssid))
|
||||
wpa_printf(MSG_DEBUG,
|
||||
"WPS: Network profile limited to accept only a single BSSID " MACSTR,
|
||||
MAC2STR(ssid->bssid));
|
||||
|
||||
/* Make sure that only one AP is in active PBC mode */
|
||||
wps_ie = wpa_bss_get_vendor_ie_multi(selected, WPS_IE_VENDOR_TYPE);
|
||||
@ -1849,6 +1853,14 @@ int wpas_wps_scan_pbc_overlap(struct wpa_supplicant *wpa_s,
|
||||
os_memcmp(selected->bssid, ap->bssid, ETH_ALEN) == 0)
|
||||
continue;
|
||||
|
||||
if (!is_zero_ether_addr(ssid->bssid) &&
|
||||
os_memcmp(ap->bssid, ssid->bssid, ETH_ALEN) != 0) {
|
||||
wpa_printf(MSG_DEBUG, "WPS: Ignore another BSS " MACSTR
|
||||
" in active PBC mode due to local BSSID limitation",
|
||||
MAC2STR(ap->bssid));
|
||||
continue;
|
||||
}
|
||||
|
||||
wpa_printf(MSG_DEBUG, "WPS: Another BSS in active PBC mode: "
|
||||
MACSTR, MAC2STR(ap->bssid));
|
||||
wpa_hexdump(MSG_DEBUG, "WPS: UUID of the other BSS",
|
||||
|
Loading…
Reference in New Issue
Block a user