* Wi-Fi Protected Setup
* Copyright (c) 2007-2009, Jouni Malinen <j@w1.fi>
*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as
- * published by the Free Software Foundation.
- *
- * Alternatively, this software may be distributed under the terms of BSD
- * license.
- *
- * See README and COPYING for more details.
+ * This software may be distributed under the terms of the BSD license.
+ * See README for more details.
*/
#include "includes.h"
os_memcpy(data->uuid_e, cfg->wps->uuid, WPS_UUID_LEN);
}
if (cfg->pin) {
- data->dev_pw_id = data->wps->oob_dev_pw_id == 0 ?
- cfg->dev_pw_id : data->wps->oob_dev_pw_id;
+ data->dev_pw_id = cfg->dev_pw_id;
data->dev_password = os_malloc(cfg->pin_len);
if (data->dev_password == NULL) {
os_free(data);
}
os_memcpy(data->dev_password, cfg->pin, cfg->pin_len);
data->dev_password_len = cfg->pin_len;
+ wpa_hexdump_key(MSG_DEBUG, "WPS: AP PIN dev_password",
+ data->dev_password, data->dev_password_len);
}
+#ifdef CONFIG_WPS_NFC
+ if (cfg->pin == NULL &&
+ cfg->dev_pw_id == DEV_PW_NFC_CONNECTION_HANDOVER)
+ data->dev_pw_id = cfg->dev_pw_id;
+
+ if (cfg->wps->ap && !cfg->registrar && cfg->wps->ap_nfc_dev_pw_id) {
+ /* Keep AP PIN as alternative Device Password */
+ data->alt_dev_pw_id = data->dev_pw_id;
+ data->alt_dev_password = data->dev_password;
+ data->alt_dev_password_len = data->dev_password_len;
+
+ data->dev_pw_id = cfg->wps->ap_nfc_dev_pw_id;
+ data->dev_password =
+ os_malloc(wpabuf_len(cfg->wps->ap_nfc_dev_pw));
+ if (data->dev_password == NULL) {
+ os_free(data);
+ return NULL;
+ }
+ os_memcpy(data->dev_password,
+ wpabuf_head(cfg->wps->ap_nfc_dev_pw),
+ wpabuf_len(cfg->wps->ap_nfc_dev_pw));
+ data->dev_password_len = wpabuf_len(cfg->wps->ap_nfc_dev_pw);
+ wpa_hexdump_key(MSG_DEBUG, "WPS: NFC dev_password",
+ data->dev_password, data->dev_password_len);
+ }
+#endif /* CONFIG_WPS_NFC */
+
data->pbc = cfg->pbc;
if (cfg->pbc) {
/* Use special PIN '00000000' for PBC */
data->dev_pw_id = DEV_PW_PUSHBUTTON;
os_free(data->dev_password);
- data->dev_password = os_malloc(8);
+ data->dev_password = (u8 *) os_strdup("00000000");
if (data->dev_password == NULL) {
os_free(data);
return NULL;
}
- os_memset(data->dev_password, '0', 8);
data->dev_password_len = 8;
}
data->new_ap_settings =
os_malloc(sizeof(*data->new_ap_settings));
if (data->new_ap_settings == NULL) {
+ os_free(data->dev_password);
os_free(data);
return NULL;
}
data->use_psk_key = cfg->use_psk_key;
data->pbc_in_m1 = cfg->pbc_in_m1;
+ if (cfg->peer_pubkey_hash) {
+ os_memcpy(data->peer_pubkey_hash, cfg->peer_pubkey_hash,
+ WPS_OOB_PUBKEY_HASH_LEN);
+ data->peer_pubkey_hash_set = 1;
+ }
+
return data;
}
*/
void wps_deinit(struct wps_data *data)
{
+#ifdef CONFIG_WPS_NFC
+ if (data->registrar && data->nfc_pw_token)
+ wps_registrar_remove_nfc_pw_token(data->wps->registrar,
+ data->nfc_pw_token);
+#endif /* CONFIG_WPS_NFC */
+
if (data->wps_pin_revealed) {
wpa_printf(MSG_DEBUG, "WPS: Full PIN information revealed and "
"negotiation failed");
wpabuf_free(data->dh_pubkey_r);
wpabuf_free(data->last_msg);
os_free(data->dev_password);
+ os_free(data->alt_dev_password);
os_free(data->new_psk);
wps_device_data_free(&data->peer_dev);
os_free(data->new_ap_settings);
* @msg: WPS IE contents from Beacon or Probe Response frame
* @addr: MAC address to search for
* @ver1_compat: Whether to use version 1 compatibility mode
- * Returns: 1 if address is authorized, 0 if not
+ * Returns: 2 if the specified address is explicit authorized, 1 if address is
+ * authorized (broadcast), 0 if not
*/
int wps_is_addr_authorized(const struct wpabuf *msg, const u8 *addr,
int ver1_compat)
pos = attr.authorized_macs;
for (i = 0; i < attr.authorized_macs_len / ETH_ALEN; i++) {
- if (os_memcmp(pos, addr, ETH_ALEN) == 0 ||
- os_memcmp(pos, bcast, ETH_ALEN) == 0)
+ if (os_memcmp(pos, addr, ETH_ALEN) == 0)
+ return 2;
+ if (os_memcmp(pos, bcast, ETH_ALEN) == 0)
return 1;
pos += ETH_ALEN;
}
}
+/**
+ * wps_is_20 - Check whether WPS attributes claim support for WPS 2.0
+ */
+int wps_is_20(const struct wpabuf *msg)
+{
+ struct wps_parse_attr attr;
+
+ if (msg == NULL || wps_parse_msg(msg, &attr) < 0)
+ return 0;
+ return attr.version2 != NULL;
+}
+
+
/**
* wps_build_assoc_req_ie - Build WPS IE for (Re)Association Request
* @req_type: Value for Request Type attribute
/**
* wps_build_probe_req_ie - Build WPS IE for Probe Request
- * @pbc: Whether searching for PBC mode APs
+ * @pw_id: Password ID (DEV_PW_PUSHBUTTON for active PBC and DEV_PW_DEFAULT for
+ * most other use cases)
* @dev: Device attributes
* @uuid: Own UUID
* @req_type: Value for Request Type attribute
*
* The caller is responsible for freeing the buffer.
*/
-struct wpabuf * wps_build_probe_req_ie(int pbc, struct wps_device_data *dev,
+struct wpabuf * wps_build_probe_req_ie(u16 pw_id, struct wps_device_data *dev,
const u8 *uuid,
enum wps_request_type req_type,
unsigned int num_req_dev_types,
const u8 *req_dev_types)
{
struct wpabuf *ie;
- u16 methods = 0;
wpa_printf(MSG_DEBUG, "WPS: Building WPS IE for Probe Request");
if (ie == NULL)
return NULL;
- methods |= WPS_CONFIG_PUSHBUTTON;
-#ifdef CONFIG_WPS2
- /*
- * TODO: Should figure out whether this device has a physical or
- * virtual pushbutton.
- */
- methods |= WPS_CONFIG_VIRT_PUSHBUTTON;
-#endif /* CONFIG_WPS2 */
-
- /*
- * TODO: Should figure out whether this Probe Request was triggered
- * using physical or virtual display. Also, if the device has a PIN on
- * a label, that should be indicated here.
- */
- methods |= WPS_CONFIG_DISPLAY |
-#ifdef CONFIG_WPS2
- WPS_CONFIG_VIRT_DISPLAY |
-#endif /* CONFIG_WPS2 */
- WPS_CONFIG_KEYPAD;
-#ifdef CONFIG_WPS_UFD
- methods |= WPS_CONFIG_USBA;
-#endif /* CONFIG_WPS_UFD */
-#ifdef CONFIG_WPS_NFC
- methods |= WPS_CONFIG_NFC_INTERFACE;
-#endif /* CONFIG_WPS_NFC */
-
if (wps_build_version(ie) ||
wps_build_req_type(ie, req_type) ||
- wps_build_config_methods(ie, methods) ||
+ wps_build_config_methods(ie, dev->config_methods) ||
wps_build_uuid_e(ie, uuid) ||
wps_build_primary_dev_type(dev, ie) ||
- wps_build_rf_bands(dev, ie) ||
+ wps_build_rf_bands(dev, ie, 0) ||
wps_build_assoc_state(NULL, ie) ||
wps_build_config_error(ie, WPS_CFG_NO_ERROR) ||
- wps_build_dev_password_id(ie, pbc ? DEV_PW_PUSHBUTTON :
- DEV_PW_DEFAULT) ||
+ wps_build_dev_password_id(ie, pw_id) ||
#ifdef CONFIG_WPS2
wps_build_manufacturer(dev, ie) ||
wps_build_model_name(dev, ie) ||
return pos - buf;
}
+
+
+const char * wps_ei_str(enum wps_error_indication ei)
+{
+ switch (ei) {
+ case WPS_EI_NO_ERROR:
+ return "No Error";
+ case WPS_EI_SECURITY_TKIP_ONLY_PROHIBITED:
+ return "TKIP Only Prohibited";
+ case WPS_EI_SECURITY_WEP_PROHIBITED:
+ return "WEP Prohibited";
+ case WPS_EI_AUTH_FAILURE:
+ return "Authentication Failure";
+ default:
+ return "Unknown";
+ }
+}