mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2025-01-17 18:34:03 -05:00
WPS: Allow AP to start in Enrollee mode without AP PIN for probing
In theory, this should not really be needed, but Windows 7 uses Registrar mode to probe AP's WPS capabilities before trying to use Enrollee and fails if the AP does not allow that probing to happen. This allows the AP to start as an Enrollee and send M1, but refuse to continue beyond that (M3 will not be sent if AP PIN is not known).
This commit is contained in:
parent
67ccef7e6c
commit
6195adda9b
@ -566,15 +566,15 @@ hostapd_get_eap_user(const struct hostapd_bss_config *conf, const u8 *identity,
|
|||||||
return &wsc_enrollee;
|
return &wsc_enrollee;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (conf->wps_state && conf->ap_pin &&
|
if (conf->wps_state && identity_len == WSC_ID_REGISTRAR_LEN &&
|
||||||
identity_len == WSC_ID_REGISTRAR_LEN &&
|
|
||||||
os_memcmp(identity, WSC_ID_REGISTRAR, WSC_ID_REGISTRAR_LEN) == 0) {
|
os_memcmp(identity, WSC_ID_REGISTRAR, WSC_ID_REGISTRAR_LEN) == 0) {
|
||||||
static struct hostapd_eap_user wsc_registrar;
|
static struct hostapd_eap_user wsc_registrar;
|
||||||
os_memset(&wsc_registrar, 0, sizeof(wsc_registrar));
|
os_memset(&wsc_registrar, 0, sizeof(wsc_registrar));
|
||||||
wsc_registrar.methods[0].method = eap_server_get_type(
|
wsc_registrar.methods[0].method = eap_server_get_type(
|
||||||
"WSC", &wsc_registrar.methods[0].vendor);
|
"WSC", &wsc_registrar.methods[0].vendor);
|
||||||
wsc_registrar.password = (u8 *) conf->ap_pin;
|
wsc_registrar.password = (u8 *) conf->ap_pin;
|
||||||
wsc_registrar.password_len = os_strlen(conf->ap_pin);
|
wsc_registrar.password_len = conf->ap_pin ?
|
||||||
|
os_strlen(conf->ap_pin) : 0;
|
||||||
return &wsc_registrar;
|
return &wsc_registrar;
|
||||||
}
|
}
|
||||||
#endif /* CONFIG_WPS */
|
#endif /* CONFIG_WPS */
|
||||||
|
@ -426,7 +426,7 @@ static void hostapd_pwd_auth_fail(struct hostapd_data *hapd,
|
|||||||
{
|
{
|
||||||
FILE *f;
|
FILE *f;
|
||||||
|
|
||||||
if (!data->enrollee)
|
if (!data->enrollee || hapd->conf->ap_pin == NULL)
|
||||||
return;
|
return;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
@ -119,10 +119,15 @@ static void * eap_wsc_init(struct eap_sm *sm)
|
|||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
if (sm->user == NULL || sm->user->password == NULL) {
|
if (sm->user == NULL || sm->user->password == NULL) {
|
||||||
wpa_printf(MSG_INFO, "EAP-WSC: No AP PIN (password) "
|
/*
|
||||||
"configured for Enrollee functionality");
|
* In theory, this should not really be needed, but
|
||||||
os_free(data);
|
* Windows 7 uses Registrar mode to probe AP's WPS
|
||||||
return NULL;
|
* capabilities before trying to use Enrollee and fails
|
||||||
|
* if the AP does not allow that probing to happen..
|
||||||
|
*/
|
||||||
|
wpa_printf(MSG_DEBUG, "EAP-WSC: No AP PIN (password) "
|
||||||
|
"configured for Enrollee functionality - "
|
||||||
|
"allow for probing capabilities (M1)");
|
||||||
}
|
}
|
||||||
cfg.pin = sm->user->password;
|
cfg.pin = sm->user->password;
|
||||||
cfg.pin_len = sm->user->password_len;
|
cfg.pin_len = sm->user->password_len;
|
||||||
|
@ -412,6 +412,9 @@ web_process_get_device_info(struct upnp_wps_device_sm *sm,
|
|||||||
|
|
||||||
wpa_printf(MSG_DEBUG, "WPS UPnP: GetDeviceInfo");
|
wpa_printf(MSG_DEBUG, "WPS UPnP: GetDeviceInfo");
|
||||||
|
|
||||||
|
if (sm->ctx->ap_pin == NULL)
|
||||||
|
return HTTP_INTERNAL_SERVER_ERROR;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Request for DeviceInfo, i.e., M1 TLVs. This is a start of WPS
|
* Request for DeviceInfo, i.e., M1 TLVs. This is a start of WPS
|
||||||
* registration over UPnP with the AP acting as an Enrollee. It should
|
* registration over UPnP with the AP acting as an Enrollee. It should
|
||||||
|
Loading…
Reference in New Issue
Block a user