mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2025-01-17 18:34:03 -05:00
WPS: Add option to disable open networks by default
CONFIG_WPS_REG_DISABLE_OPEN=y can be used to configure wpa_supplicant to disable open networks by default when wps_reg command is used to learn the current AP settings. When this is enabled, there will be a WPS-OPEN-NETWORK ctrl_iface event and the user will need to explicitly enable the network (e.g., with "select_network <id>") to connect to the open network.
This commit is contained in:
parent
5dfca53fc0
commit
f981eabcf0
@ -85,6 +85,8 @@ extern "C" {
|
||||
|
||||
#define WPS_EVENT_ENROLLEE_SEEN "WPS-ENROLLEE-SEEN "
|
||||
|
||||
#define WPS_EVENT_OPEN_NETWORK "WPS-OPEN-NETWORK "
|
||||
|
||||
/* WPS ER events */
|
||||
#define WPS_EVENT_ER_AP_ADD "WPS-ER-AP-ADD "
|
||||
#define WPS_EVENT_ER_AP_REMOVE "WPS-ER-AP-REMOVE "
|
||||
|
@ -564,6 +564,10 @@ ifdef CONFIG_WPS_TESTING
|
||||
CFLAGS += -DCONFIG_WPS_TESTING
|
||||
endif
|
||||
|
||||
ifdef CONFIG_WPS_REG_DISABLE_OPEN
|
||||
CFLAGS += -DCONFIG_WPS_REG_DISABLE_OPEN
|
||||
endif
|
||||
|
||||
endif
|
||||
|
||||
ifdef CONFIG_EAP_IKEV2
|
||||
|
@ -73,10 +73,16 @@ int wpas_wps_eapol_cb(struct wpa_supplicant *wpa_s)
|
||||
|
||||
if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS && wpa_s->current_ssid &&
|
||||
!(wpa_s->current_ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
|
||||
int disabled = wpa_s->current_ssid->disabled;
|
||||
wpa_printf(MSG_DEBUG, "WPS: Network configuration replaced - "
|
||||
"try to associate with the received credential");
|
||||
wpa_supplicant_deauthenticate(wpa_s,
|
||||
WLAN_REASON_DEAUTH_LEAVING);
|
||||
if (disabled) {
|
||||
wpa_printf(MSG_DEBUG, "WPS: Current network is "
|
||||
"disabled - wait for user to enable");
|
||||
return 1;
|
||||
}
|
||||
wpa_s->after_wps = 5;
|
||||
wpa_s->wps_freq = wpa_s->assoc_freq;
|
||||
wpa_s->reassociate = 1;
|
||||
@ -183,6 +189,7 @@ static int wpa_supplicant_wps_cred(void *ctx,
|
||||
struct wpa_ssid *ssid = wpa_s->current_ssid;
|
||||
u8 key_idx = 0;
|
||||
u16 auth_type;
|
||||
int registrar = 0;
|
||||
|
||||
if ((wpa_s->conf->wps_cred_processing == 1 ||
|
||||
wpa_s->conf->wps_cred_processing == 2) && cred->cred_attr) {
|
||||
@ -236,6 +243,11 @@ static int wpa_supplicant_wps_cred(void *ctx,
|
||||
if (ssid && (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
|
||||
wpa_printf(MSG_DEBUG, "WPS: Replace WPS network block based "
|
||||
"on the received credential");
|
||||
if (ssid->eap.identity &&
|
||||
ssid->eap.identity_len == WSC_ID_REGISTRAR_LEN &&
|
||||
os_memcmp(ssid->eap.identity, WSC_ID_REGISTRAR,
|
||||
WSC_ID_REGISTRAR_LEN) == 0)
|
||||
registrar = 1;
|
||||
os_free(ssid->eap.identity);
|
||||
ssid->eap.identity = NULL;
|
||||
ssid->eap.identity_len = 0;
|
||||
@ -311,6 +323,16 @@ static int wpa_supplicant_wps_cred(void *ctx,
|
||||
ssid->auth_alg = WPA_AUTH_ALG_OPEN;
|
||||
ssid->key_mgmt = WPA_KEY_MGMT_NONE;
|
||||
ssid->proto = 0;
|
||||
#ifdef CONFIG_WPS_REG_DISABLE_OPEN
|
||||
if (registrar) {
|
||||
wpa_msg(wpa_s, MSG_INFO, WPS_EVENT_OPEN_NETWORK
|
||||
"id=%d - Credentials for an open "
|
||||
"network disabled by default - use "
|
||||
"'select_network %d' to enable",
|
||||
ssid->id, ssid->id);
|
||||
ssid->disabled = 1;
|
||||
}
|
||||
#endif /* CONFIG_WPS_REG_DISABLE_OPEN */
|
||||
break;
|
||||
case WPS_AUTH_SHARED:
|
||||
ssid->auth_alg = WPA_AUTH_ALG_SHARED;
|
||||
|
Loading…
Reference in New Issue
Block a user