We must not replace M1 with M2D as the last_msg since we need M1 to
validate a possible M2 after M2D. Since M2D and ACK/NACK replies do not
include Authenticator attribute, we can just ignore M2D as far as
updating last_msg is concerned.
If a Registrar tries to configure the AP, but fails to validate the
device password (AP PIN), lock the AP setup after four failures. This
protects the AP PIN against brute force guessing attacks.
This optional configuration parameter can be used to override AP
Settings attributes in M7 similarly to extra_cred option for Credential
attribute(s) in M8.
This is needed to allow external Registrar (at least the implementation
in Windows Vista) to configure the Enrollee.
With this patch and my previous patch (for wps.c) , I could pass "Wi-Fi
WPS Test Plan Version 1.0 [5.1.4. Add to AP using PIN Config method and
PASS PHRASE through wired external registrar]".
This makes it easier to pass the credential data to external programs
(e.g., Network Manager) for processing. The actual use of this data is
not yet included in hostapd/wpa_supplicant.
This callback is now used to stop wpa_supplicant from trying to continue
using parameters (most likely, device password) that do not work in a
loop. In addition, wpa_gui can now notify user of failed registration.
The event callback will be used for various event messages and the M2D
notification is the first such message. It is used to notify wpa_gui
about Registrar not yet knowing the device password (PIN).
Instead of sending out EAP-Failure on errors (on AP) or stopping (on
Supplicant), send a NACK message based on the allowed EAP state machine
transitions for EAP-WSC.
WPS IE is now passed from hostapd association processing into EAP-WSC
and WPS processing. Request Type attribute is parsed from this
information and if the request is for a WLAN Manager Registrar,
additional management keys are derived (to be used with UPnP).
Previously, wpa_supplicant as Enrollee case was handled using a
different callback function pointer. However, now that the wps_context
structure is allocated for all cases, the same variable can be used in
all cases.
Previously, hardcoded values were used in wps_enrollee.c. These are now
moved into shared data in struct wps_context. In case of
AP/Authenticator, these are initialized in wps_hostapd.c. In case of
client/supplicant, these are now initialized in EAP-WSC peer method,
but will probably end up being moved into higher layer for better
configuration.
EAP-WSC peer method for
The core processing of attributes into struct wps_credential is now in
wps_common.c (was in wps_enrollee.c), so that the same code can be
shared with Registrar.
This adds WPS support for both hostapd and wpa_supplicant. Both programs
can be configured to act as WPS Enrollee and Registrar. Both PBC and PIN
methods are supported.
Currently, hostapd has more complete configuration option for WPS
parameters and wpa_supplicant configuration style will likely change in
the future. External Registrars are not yet supported in hostapd or
wpa_supplicant. While wpa_supplicant has initial support for acting as
an Registrar to configure an AP, this is still using number of hardcoded
parameters which will need to be made configurable for proper operation.
