WPS: Allow AP to start in Enrollee mode without AP PIN for probing

In theory, this should not really be needed, but Windows 7 uses
Registrar mode to probe AP's WPS capabilities before trying to use
Enrollee and fails if the AP does not allow that probing to happen.
This allows the AP to start as an Enrollee and send M1, but refuse
to continue beyond that (M3 will not be sent if AP PIN is not known).
This commit is contained in:
Jouni Malinen 2010-07-26 18:12:08 -07:00 committed by Jouni Malinen
parent 67ccef7e6c
commit 6195adda9b
4 changed files with 16 additions and 8 deletions

View file

@ -566,15 +566,15 @@ hostapd_get_eap_user(const struct hostapd_bss_config *conf, const u8 *identity,
return &wsc_enrollee;
}
if (conf->wps_state && conf->ap_pin &&
identity_len == WSC_ID_REGISTRAR_LEN &&
if (conf->wps_state && identity_len == WSC_ID_REGISTRAR_LEN &&
os_memcmp(identity, WSC_ID_REGISTRAR, WSC_ID_REGISTRAR_LEN) == 0) {
static struct hostapd_eap_user wsc_registrar;
os_memset(&wsc_registrar, 0, sizeof(wsc_registrar));
wsc_registrar.methods[0].method = eap_server_get_type(
"WSC", &wsc_registrar.methods[0].vendor);
wsc_registrar.password = (u8 *) conf->ap_pin;
wsc_registrar.password_len = os_strlen(conf->ap_pin);
wsc_registrar.password_len = conf->ap_pin ?
os_strlen(conf->ap_pin) : 0;
return &wsc_registrar;
}
#endif /* CONFIG_WPS */

View file

@ -426,7 +426,7 @@ static void hostapd_pwd_auth_fail(struct hostapd_data *hapd,
{
FILE *f;
if (!data->enrollee)
if (!data->enrollee || hapd->conf->ap_pin == NULL)
return;
/*

View file

@ -119,10 +119,15 @@ static void * eap_wsc_init(struct eap_sm *sm)
}
} else {
if (sm->user == NULL || sm->user->password == NULL) {
wpa_printf(MSG_INFO, "EAP-WSC: No AP PIN (password) "
"configured for Enrollee functionality");
os_free(data);
return NULL;
/*
* In theory, this should not really be needed, but
* Windows 7 uses Registrar mode to probe AP's WPS
* capabilities before trying to use Enrollee and fails
* if the AP does not allow that probing to happen..
*/
wpa_printf(MSG_DEBUG, "EAP-WSC: No AP PIN (password) "
"configured for Enrollee functionality - "
"allow for probing capabilities (M1)");
}
cfg.pin = sm->user->password;
cfg.pin_len = sm->user->password_len;

View file

@ -412,6 +412,9 @@ web_process_get_device_info(struct upnp_wps_device_sm *sm,
wpa_printf(MSG_DEBUG, "WPS UPnP: GetDeviceInfo");
if (sm->ctx->ap_pin == NULL)
return HTTP_INTERNAL_SERVER_ERROR;
/*
* Request for DeviceInfo, i.e., M1 TLVs. This is a start of WPS
* registration over UPnP with the AP acting as an Enrollee. It should