Not all embedded devices have USB interface and it is useful to be able
to remove unneeded functionality from the binary. In addition, the
current implementation has some UNIX specific calls in it which may make
it not compile cleanly on all target systems.
I tried PBC with the hostapd registrar.
I pushed the button with "hostap_cli WPS_PBC".
But hostapd registrar always sends Selected Registrar Config Methods
attribute=0x0000 in beacon/probe response.
Allow more than one pending PutWLANMessage data to be stored (M2/M2D
from multiple external Registrars) and drop pending M2/M2D messages when
the Enrollee replies with M3.
Version attribute processing details are not described in the WPS spec,
but it is safer to allow minor version to change and only refuse to
process the message if major version is different from ours. This
matches with the behavior used in the Intel reference implementation.
It looks like we don't set correspondent Device Password ID attribute in
M2 message during PBC registration. Without it TG185n STA was not able
to connect to our AP in PBC mode. Attached patch fixes this.
This adds mostly feature complete external Registrar support with the
main missing part being proper support for multiple external Registrars
working at the same time and processing of concurrent registrations when
using an external Registrar.
This code is based on Sony/Saice implementation
(https://www.saice-wpsnfc.bz/) and the changes made by Ted Merrill
(Atheros) to make it more suitable for hostapd design and embedded
systems. Some of the UPnP code is based on Intel's libupnp. Copyrights
and licensing are explained in src/wps/wps_upnp.c in more detail.
We must not replace M1 with M2D as the last_msg since we need M1 to
validate a possible M2 after M2D. Since M2D and ACK/NACK replies do not
include Authenticator attribute, we can just ignore M2D as far as
updating last_msg is concerned.
External Registrar in Vista may include NULL termination in the Network
Key when encoding an ASCII passphrase for WPA/WPA2-PSK. As a workaround,
remove this extra octet if present.
If a Registrar tries to configure the AP, but fails to validate the
device password (AP PIN), lock the AP setup after four failures. This
protects the AP PIN against brute force guessing attacks.
This optional configuration parameter can be used to override AP
Settings attributes in M7 similarly to extra_cred option for Credential
attribute(s) in M8.
WPS spec is not very specific on the presentation used for the DH
values. The Public Key attribute is described to be 192 octets long, so
that could be interpreted to imply that other places use fixed length
presentation for the DH keys. Change the DH derivation to use fixed
length bufferd by zero padding them from beginning if needed. This can
resolve infrequent (about 1/256 chance for both Public Key and Shared
Key being shorter) interop issues.
This is needed to allow external Registrar (at least the implementation
in Windows Vista) to configure the Enrollee.
With this patch and my previous patch (for wps.c) , I could pass "Wi-Fi
WPS Test Plan Version 1.0 [5.1.4. Add to AP using PIN Config method and
PASS PHRASE through wired external registrar]".
I can't pass the "Wi-Fi WPS Test Plan Version 1.0 [5.1.4. Add to AP
using PIN Config method and PASS PHRASE through wired external
registrar]". The wpa_supplicant-0.6.7 can't recoginize the testbed
AP(BCM94704AGRRev-E.2.4) as WPS PIN AP. Because after PIN entered, the
AP sends Selected Registrar attribute=0 and not send Device Password ID
attribute.
The proposed change as-is removed validation of Selected Registrar
attribute completely. However, that part is not included in this commit
since it can cause problems for environments with multiple WPS-enabled
APs. Another workaround for this will be considered in wpa_supplicant
scanning process (e.g., start trying to use WPS with APs that do not set
Selected Registrar to TRUE after couple of scan runs that do not find
any APs with Selected Registrar TRUE).
This operation can now be moved into an external program by configuring
hostapd with wps_cred_processing=1 and skip_cred_build=1. A new
ctrl_iface message (WPS-REG-SUCCESS <Enrollee MAC addr> <UUID-E>) will
be used to notify external programs of each successful registration and
that can be used as a tricker to move from unconfigured to configured
state.
This makes it easier to pass the credential data to external programs
(e.g., Network Manager) for processing. The actual use of this data is
not yet included in hostapd/wpa_supplicant.
Some deployed WPS implementations fail to parse zero-length attributes.
As a workaround, send a null character if the device attribute string is
empty. This allows default values (empty strings) to be used without
interop issues.
Before this change, it looked like an AP that was using wsccmd did not
get activated since wsccmd left the Selected Registrar Config Methods
attribute to be zero. Since Device Password ID can be used to
distinguish PBC from any other method, use only it to figure out whether
PBC or PIN method is active.
This callback is now used to stop wpa_supplicant from trying to continue
using parameters (most likely, device password) that do not work in a
loop. In addition, wpa_gui can now notify user of failed registration.
The event callback will be used for various event messages and the M2D
notification is the first such message. It is used to notify wpa_gui
about Registrar not yet knowing the device password (PIN).
Instead of sending out EAP-Failure on errors (on AP) or stopping (on
Supplicant), send a NACK message based on the allowed EAP state machine
transitions for EAP-WSC.
Since the Registrar may not yet know the UUID-E when a new PIN is
entered, use of a wildcard PIN that works with any UUID-E can be useful.
Such a PIN will be bound to the first Enrollee trying to use it and it
will be invalidated after the first use.
Fragment WPS IE if needed to fit into the IE length limits in hostapd
and Reassemble WPS IE data from multiple IEs in wpa_supplicant.
In addition, moved WPS code from events.c into wps_supplicant.c to clean
up module interfaces.