WPS: Interpret zero length ap_pin hostapd.conf parameter as "unset"

hostapd allows arbitrary AP PIN to be used in WPS. This means that
setting ap_pin to a zero length string ends up enabling AP PIN so that
external registrars can use this specific zero lenth ap_pin value. There
are apparently some APs that have used this invalid configuration with
unintended results. While the proper fix for that is to fix the
component that generates the invalid configuration, hostapd can also
reject such values since the likelihood of a real world use case for
zero length AP PIN (Device Password) is minimal.

Start interpreting zero length ap_pin parameter value as a request to
"unset" the previously set value in hostapd.conf (or if not previously
set, leave it unset). With this, a hostapd.conf file including the
"ap_pin=" line will end up getting interpretted just like that same file
with the ap_pin parameter completely removed, i.e., with AP PIN being
disabled.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
Jouni Malinen 2017-08-14 21:07:09 +03:00 committed by Jouni Malinen
parent 2bdbace634
commit ae048257cb

View file

@ -3147,7 +3147,10 @@ static int hostapd_config_fill(struct hostapd_config *conf,
} }
} else if (os_strcmp(buf, "ap_pin") == 0) { } else if (os_strcmp(buf, "ap_pin") == 0) {
os_free(bss->ap_pin); os_free(bss->ap_pin);
bss->ap_pin = os_strdup(pos); if (*pos == '\0')
bss->ap_pin = NULL;
else
bss->ap_pin = os_strdup(pos);
} else if (os_strcmp(buf, "skip_cred_build") == 0) { } else if (os_strcmp(buf, "skip_cred_build") == 0) {
bss->skip_cred_build = atoi(pos); bss->skip_cred_build = atoi(pos);
} else if (os_strcmp(buf, "extra_cred") == 0) { } else if (os_strcmp(buf, "extra_cred") == 0) {