]> git.ipfire.org Git - thirdparty/hostap.git/blobdiff - src/wps/wps_registrar.c
projects / thirdparty / hostap.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
P2P NFC: Report connection handover as trigger for P2P
[thirdparty/hostap.git] / src / wps / wps_registrar.c
diff --git a/src/wps/wps_registrar.c b/src/wps/wps_registrar.c
index a26b8ee99c64f617c8ded72f29660ea90ed275b3..56b8e23b4c3c8039bd6be7e7559ea72cec3288ad 100644 (file)
--- a/src/wps/wps_registrar.c
+++ b/src/wps/wps_registrar.c
@@ -1,6 +1,6 @@
 /*
  * Wi-Fi Protected Setup - Registrar
- * Copyright (c) 2008-2012, Jouni Malinen <j@w1.fi>
+ * Copyright (c) 2008-2013, Jouni Malinen <j@w1.fi>
  *
  * This software may be distributed under the terms of the BSD license.
  * See README for more details.
@@ -31,9 +31,11 @@
 struct wps_nfc_pw_token {
        struct dl_list list;
        u8 pubkey_hash[WPS_OOB_PUBKEY_HASH_LEN];
+       unsigned int peer_pk_hash_known:1;
        u16 pw_id;
        u8 dev_pw[WPS_OOB_DEVICE_PASSWORD_LEN * 2 + 1];
        size_t dev_pw_len;
+       int pk_hash_provided_oob; /* whether own PK hash was provided OOB */
 };
 
 
@@ -82,7 +84,7 @@ struct wps_uuid_pin {
 #define PIN_LOCKED BIT(0)
 #define PIN_EXPIRES BIT(1)
        int flags;
-       struct os_time expiration;
+       struct os_reltime expiration;
        u8 enrollee_addr[ETH_ALEN];
 };
 
@@ -113,7 +115,7 @@ struct wps_pbc_session {
        struct wps_pbc_session *next;
        u8 addr[ETH_ALEN];
        u8 uuid_e[WPS_UUID_LEN];
-       struct os_time timestamp;
+       struct os_reltime timestamp;
 };
 
 
@@ -142,8 +144,8 @@ struct wps_registrar {
        int pbc;
        int selected_registrar;
 
-       int (*new_psk_cb)(void *ctx, const u8 *mac_addr, const u8 *psk,
-                         size_t psk_len);
+       int (*new_psk_cb)(void *ctx, const u8 *mac_addr, const u8 *p2p_dev_addr,
+                         const u8 *psk, size_t psk_len);
        int (*set_ie_cb)(void *ctx, struct wpabuf *beacon_ie,
                         struct wpabuf *probe_resp_ie);
        void (*pin_needed_cb)(void *ctx, const u8 *uuid_e,
@@ -171,6 +173,7 @@ struct wps_registrar {
        int sel_reg_config_methods_override;
        int static_wep_only;
        int dualband;
+       int force_per_enrollee_psk;
 
        struct wps_registrar_device *devices;
 
@@ -182,7 +185,9 @@ struct wps_registrar {
        u8 p2p_dev_addr[ETH_ALEN];
 
        u8 pbc_ignore_uuid[WPS_UUID_LEN];
-       struct os_time pbc_ignore_start;
+#ifdef WPS_WORKAROUNDS
+       struct os_reltime pbc_ignore_start;
+#endif /* WPS_WORKAROUNDS */
 };
 
 
@@ -310,9 +315,9 @@ static void wps_registrar_add_pbc_session(struct wps_registrar *reg,
                                          const u8 *addr, const u8 *uuid_e)
 {
        struct wps_pbc_session *pbc, *prev = NULL;
-       struct os_time now;
+       struct os_reltime now;
 
-       os_get_time(&now);
+       os_get_reltime(&now);
 
        pbc = reg->pbc_sessions;
        while (pbc) {
@@ -346,7 +351,8 @@ static void wps_registrar_add_pbc_session(struct wps_registrar *reg,
        pbc = pbc->next;
 
        while (pbc) {
-               if (now.sec > pbc->timestamp.sec + WPS_PBC_WALK_TIME) {
+               if (os_reltime_expired(&now, &pbc->timestamp,
+                                      WPS_PBC_WALK_TIME)) {
                        prev->next = NULL;
                        wps_free_pbc_sessions(pbc);
                        break;
@@ -394,9 +400,9 @@ int wps_registrar_pbc_overlap(struct wps_registrar *reg,
        int count = 0;
        struct wps_pbc_session *pbc;
        struct wps_pbc_session *first = NULL;
-       struct os_time now;
+       struct os_reltime now;
 
-       os_get_time(&now);
+       os_get_reltime(&now);
 
        wpa_printf(MSG_DEBUG, "WPS: Checking active PBC sessions for overlap");
 
@@ -412,9 +418,9 @@ int wps_registrar_pbc_overlap(struct wps_registrar *reg,
                           MAC2STR(pbc->addr));
                wpa_hexdump(MSG_DEBUG, "WPS: UUID-E",
                            pbc->uuid_e, WPS_UUID_LEN);
-               if (now.sec > pbc->timestamp.sec + WPS_PBC_WALK_TIME) {
-                       wpa_printf(MSG_DEBUG, "WPS: PBC walk time has "
-                                  "expired");
+               if (os_reltime_expired(&now, &pbc->timestamp,
+                                      WPS_PBC_WALK_TIME)) {
+                       wpa_printf(MSG_DEBUG, "WPS: PBC walk time has expired");
                        break;
                }
                if (first &&
@@ -667,6 +673,7 @@ wps_registrar_init(struct wps_context *wps,
        reg->sel_reg_config_methods_override = -1;
        reg->static_wep_only = cfg->static_wep_only;
        reg->dualband = cfg->dualband;
+       reg->force_per_enrollee_psk = cfg->force_per_enrollee_psk;
 
        if (wps_set_ie(reg)) {
                wps_registrar_deinit(reg);
@@ -746,7 +753,7 @@ int wps_registrar_add_pin(struct wps_registrar *reg, const u8 *addr,
 
        if (timeout) {
                p->flags |= PIN_EXPIRES;
-               os_get_time(&p->expiration);
+               os_get_reltime(&p->expiration);
                p->expiration.sec += timeout;
        }
 
@@ -766,7 +773,7 @@ int wps_registrar_add_pin(struct wps_registrar *reg, const u8 *addr,
        else
                wps_registrar_add_authorized_mac(
                        reg, (u8 *) "\xff\xff\xff\xff\xff\xff");
-       wps_registrar_selected_registrar_changed(reg);
+       wps_registrar_selected_registrar_changed(reg, 0);
        eloop_cancel_timeout(wps_registrar_set_selected_timeout, reg, NULL);
        eloop_register_timeout(WPS_PBC_WALK_TIME, 0,
                               wps_registrar_set_selected_timeout,
@@ -788,20 +795,20 @@ static void wps_registrar_remove_pin(struct wps_registrar *reg,
                addr = pin->enrollee_addr;
        wps_registrar_remove_authorized_mac(reg, addr);
        wps_remove_pin(pin);
-       wps_registrar_selected_registrar_changed(reg);
+       wps_registrar_selected_registrar_changed(reg, 0);
 }
 
 
 static void wps_registrar_expire_pins(struct wps_registrar *reg)
 {
        struct wps_uuid_pin *pin, *prev;
-       struct os_time now;
+       struct os_reltime now;
 
-       os_get_time(&now);
+       os_get_reltime(&now);
        dl_list_for_each_safe(pin, prev, &reg->pins, struct wps_uuid_pin, list)
        {
                if ((pin->flags & PIN_EXPIRES) &&
-                   os_time_before(&pin->expiration, &now)) {
+                   os_reltime_before(&pin->expiration, &now)) {
                        wpa_hexdump(MSG_DEBUG, "WPS: Expired PIN for UUID",
                                    pin->uuid, WPS_UUID_LEN);
                        wps_registrar_remove_pin(reg, pin);
@@ -951,7 +958,7 @@ static void wps_registrar_stop_pbc(struct wps_registrar *reg)
        os_memset(reg->p2p_dev_addr, 0, ETH_ALEN);
        wps_registrar_remove_authorized_mac(reg,
                                            (u8 *) "\xff\xff\xff\xff\xff\xff");
-       wps_registrar_selected_registrar_changed(reg);
+       wps_registrar_selected_registrar_changed(reg, 0);
 }
 
 
@@ -999,8 +1006,9 @@ int wps_registrar_button_pushed(struct wps_registrar *reg,
                os_memset(reg->p2p_dev_addr, 0, ETH_ALEN);
        wps_registrar_add_authorized_mac(reg,
                                         (u8 *) "\xff\xff\xff\xff\xff\xff");
-       wps_registrar_selected_registrar_changed(reg);
+       wps_registrar_selected_registrar_changed(reg, 0);
 
+       wps_pbc_active_event(reg->wps);
        eloop_cancel_timeout(wps_registrar_set_selected_timeout, reg, NULL);
        eloop_cancel_timeout(wps_registrar_pbc_timeout, reg, NULL);
        eloop_register_timeout(WPS_PBC_WALK_TIME, 0, wps_registrar_pbc_timeout,
@@ -1014,6 +1022,7 @@ static void wps_registrar_pbc_completed(struct wps_registrar *reg)
        wpa_printf(MSG_DEBUG, "WPS: PBC completed - stopping PBC mode");
        eloop_cancel_timeout(wps_registrar_pbc_timeout, reg, NULL);
        wps_registrar_stop_pbc(reg);
+       wps_pbc_disable_event(reg->wps);
 }
 
 
@@ -1022,7 +1031,7 @@ static void wps_registrar_pin_completed(struct wps_registrar *reg)
        wpa_printf(MSG_DEBUG, "WPS: PIN completed using internal Registrar");
        eloop_cancel_timeout(wps_registrar_set_selected_timeout, reg, NULL);
        reg->selected_registrar = 0;
-       wps_registrar_selected_registrar_changed(reg);
+       wps_registrar_selected_registrar_changed(reg, 0);
 }
 
 
@@ -1033,7 +1042,9 @@ void wps_registrar_complete(struct wps_registrar *registrar, const u8 *uuid_e,
                wps_registrar_remove_pbc_session(registrar,
                                                 uuid_e, NULL);
                wps_registrar_pbc_completed(registrar);
-               os_get_time(&registrar->pbc_ignore_start);
+#ifdef WPS_WORKAROUNDS
+               os_get_reltime(&registrar->pbc_ignore_start);
+#endif /* WPS_WORKAROUNDS */
                os_memcpy(registrar->pbc_ignore_uuid, uuid_e, WPS_UUID_LEN);
        } else {
                wps_registrar_pin_completed(registrar);
@@ -1136,9 +1147,9 @@ void wps_registrar_probe_req_rx(struct wps_registrar *reg, const u8 *addr,
 #ifdef WPS_WORKAROUNDS
        if (reg->pbc_ignore_start.sec &&
            os_memcmp(attr.uuid_e, reg->pbc_ignore_uuid, WPS_UUID_LEN) == 0) {
-               struct os_time now, dur;
-               os_get_time(&now);
-               os_time_sub(&now, &reg->pbc_ignore_start, &dur);
+               struct os_reltime now, dur;
+               os_get_reltime(&now);
+               os_reltime_sub(&now, &reg->pbc_ignore_start, &dur);
                if (dur.sec >= 0 && dur.sec < 5) {
                        wpa_printf(MSG_DEBUG, "WPS: Ignore PBC activation "
                                   "based on Probe Request from the Enrollee "
@@ -1160,12 +1171,13 @@ void wps_registrar_probe_req_rx(struct wps_registrar *reg, const u8 *addr,
 
 
 static int wps_cb_new_psk(struct wps_registrar *reg, const u8 *mac_addr,
-                         const u8 *psk, size_t psk_len)
+                         const u8 *p2p_dev_addr, const u8 *psk, size_t psk_len)
 {
        if (reg->new_psk_cb == NULL)
                return 0;
 
-       return reg->new_psk_cb(reg->cb_ctx, mac_addr, psk, psk_len);
+       return reg->new_psk_cb(reg->cb_ctx, mac_addr, p2p_dev_addr, psk,
+                              psk_len);
 }
 
 
@@ -1263,7 +1275,7 @@ static int wps_set_ie(struct wps_registrar *reg)
            wps_build_sel_reg_dev_password_id(reg, beacon) ||
            wps_build_sel_reg_config_methods(reg, beacon) ||
            wps_build_sel_pbc_reg_uuid_e(reg, beacon) ||
-           (reg->dualband && wps_build_rf_bands(&reg->wps->dev, beacon)) ||
+           (reg->dualband && wps_build_rf_bands(&reg->wps->dev, beacon, 0)) ||
            wps_build_wfa_ext(beacon, 0, auth_macs, count) ||
            wps_build_vendor_ext(&reg->wps->dev, beacon)) {
                wpabuf_free(beacon);
@@ -1293,7 +1305,7 @@ static int wps_set_ie(struct wps_registrar *reg)
            wps_build_uuid_e(probe, reg->wps->uuid) ||
            wps_build_device_attrs(&reg->wps->dev, probe) ||
            wps_build_probe_config_methods(reg, probe) ||
-           (reg->dualband && wps_build_rf_bands(&reg->wps->dev, probe)) ||
+           (reg->dualband && wps_build_rf_bands(&reg->wps->dev, probe, 0)) ||
            wps_build_wfa_ext(probe, 0, auth_macs, count) ||
            wps_build_vendor_ext(&reg->wps->dev, probe)) {
                wpabuf_free(beacon);
@@ -1350,6 +1362,13 @@ static int wps_get_dev_password(struct wps_data *wps)
                pin_len = 8;
 #ifdef CONFIG_WPS_NFC
        } else if (wps->nfc_pw_token) {
+               if (wps->nfc_pw_token->pw_id == DEV_PW_NFC_CONNECTION_HANDOVER)
+               {
+                       wpa_printf(MSG_DEBUG, "WPS: Using NFC connection "
+                                  "handover and abbreviated WPS handshake "
+                                  "without Device Password");
+                       return 0;
+               }
                wpa_printf(MSG_DEBUG, "WPS: Use OOB Device Password from NFC "
                           "Password Token");
                pin = wps->nfc_pw_token->dev_pw;
@@ -1369,7 +1388,8 @@ static int wps_get_dev_password(struct wps_data *wps)
        }
        if (pin == NULL) {
                wpa_printf(MSG_DEBUG, "WPS: No Device Password available for "
-                          "the Enrollee");
+                          "the Enrollee (context %p registrar %p)",
+                          wps->wps, wps->wps->registrar);
                wps_cb_pin_needed(wps->wps->registrar, wps->uuid_e,
                                  &wps->peer_dev);
                return -1;
@@ -1526,18 +1546,6 @@ static int wps_build_cred_network_key(struct wpabuf *msg,
 }
 
 
-static int wps_build_cred_mac_addr(struct wpabuf *msg,
-                                  const struct wps_credential *cred)
-{
-       wpa_printf(MSG_DEBUG, "WPS:  * MAC Address (" MACSTR ")",
-                  MAC2STR(cred->mac_addr));
-       wpabuf_put_be16(msg, ATTR_MAC_ADDR);
-       wpabuf_put_be16(msg, ETH_ALEN);
-       wpabuf_put_data(msg, cred->mac_addr, ETH_ALEN);
-       return 0;
-}
-
-
 static int wps_build_credential(struct wpabuf *msg,
                                const struct wps_credential *cred)
 {
@@ -1546,7 +1554,7 @@ static int wps_build_credential(struct wpabuf *msg,
            wps_build_cred_auth_type(msg, cred) ||
            wps_build_cred_encr_type(msg, cred) ||
            wps_build_cred_network_key(msg, cred) ||
-           wps_build_cred_mac_addr(msg, cred))
+           wps_build_mac_addr(msg, cred->mac_addr))
                return -1;
        return 0;
 }
@@ -1650,13 +1658,15 @@ int wps_build_cred(struct wps_data *wps, struct wpabuf *msg)
                                      wps->new_psk, wps->new_psk_len);
                os_memcpy(wps->cred.key, wps->new_psk, wps->new_psk_len);
                wps->cred.key_len = wps->new_psk_len;
-       } else if (wps->use_psk_key && wps->wps->psk_set) {
+       } else if (!wps->wps->registrar->force_per_enrollee_psk &&
+                  wps->use_psk_key && wps->wps->psk_set) {
                char hex[65];
                wpa_printf(MSG_DEBUG, "WPS: Use PSK format for Network Key");
                wpa_snprintf_hex(hex, sizeof(hex), wps->wps->psk, 32);
                os_memcpy(wps->cred.key, hex, 32 * 2);
                wps->cred.key_len = 32 * 2;
-       } else if (wps->wps->network_key) {
+       } else if (!wps->wps->registrar->force_per_enrollee_psk &&
+                  wps->wps->network_key) {
                os_memcpy(wps->cred.key, wps->wps->network_key,
                          wps->wps->network_key_len);
                wps->cred.key_len = wps->wps->network_key_len;
@@ -1776,6 +1786,7 @@ static struct wpabuf * wps_build_ap_cred(struct wps_data *wps)
 static struct wpabuf * wps_build_m2(struct wps_data *wps)
 {
        struct wpabuf *msg;
+       int config_in_m2 = 0;
 
        if (random_get_bytes(wps->nonce_r, WPS_NONCE_LEN) < 0)
                return NULL;
@@ -1800,19 +1811,47 @@ static struct wpabuf * wps_build_m2(struct wps_data *wps)
            wps_build_conn_type_flags(wps, msg) ||
            wps_build_config_methods_r(wps->wps->registrar, msg) ||
            wps_build_device_attrs(&wps->wps->dev, msg) ||
-           wps_build_rf_bands(&wps->wps->dev, msg) ||
+           wps_build_rf_bands(&wps->wps->dev, msg,
+                              wps->wps->rf_band_cb(wps->wps->cb_ctx)) ||
            wps_build_assoc_state(wps, msg) ||
            wps_build_config_error(msg, WPS_CFG_NO_ERROR) ||
            wps_build_dev_password_id(msg, wps->dev_pw_id) ||
            wps_build_os_version(&wps->wps->dev, msg) ||
-           wps_build_wfa_ext(msg, 0, NULL, 0) ||
-           wps_build_authenticator(wps, msg)) {
+           wps_build_wfa_ext(msg, 0, NULL, 0)) {
+               wpabuf_free(msg);
+               return NULL;
+       }
+
+#ifdef CONFIG_WPS_NFC
+       if (wps->nfc_pw_token && wps->nfc_pw_token->pk_hash_provided_oob &&
+           wps->nfc_pw_token->pw_id == DEV_PW_NFC_CONNECTION_HANDOVER) {
+               /*
+                * Use abbreviated handshake since public key hash allowed
+                * Enrollee to validate our public key similarly to how Enrollee
+                * public key was validated. There is no need to validate Device
+                * Password in this case.
+                */
+               struct wpabuf *plain = wpabuf_alloc(500);
+               if (plain == NULL ||
+                   wps_build_cred(wps, plain) ||
+                   wps_build_key_wrap_auth(wps, plain) ||
+                   wps_build_encr_settings(wps, msg, plain)) {
+                       wpabuf_free(msg);
+                       wpabuf_free(plain);
+                       return NULL;
+               }
+               wpabuf_free(plain);
+               config_in_m2 = 1;
+       }
+#endif /* CONFIG_WPS_NFC */
+
+       if (wps_build_authenticator(wps, msg)) {
                wpabuf_free(msg);
                return NULL;
        }
 
        wps->int_reg = 1;
-       wps->state = RECV_M3;
+       wps->state = config_in_m2 ? RECV_DONE : RECV_M3;
        return msg;
 }
 
@@ -1841,7 +1880,8 @@ static struct wpabuf * wps_build_m2d(struct wps_data *wps)
            wps_build_conn_type_flags(wps, msg) ||
            wps_build_config_methods_r(wps->wps->registrar, msg) ||
            wps_build_device_attrs(&wps->wps->dev, msg) ||
-           wps_build_rf_bands(&wps->wps->dev, msg) ||
+           wps_build_rf_bands(&wps->wps->dev, msg,
+                              wps->wps->rf_band_cb(wps->wps->cb_ctx)) ||
            wps_build_assoc_state(wps, msg) ||
            wps_build_config_error(msg, err) ||
            wps_build_os_version(&wps->wps->dev, msg) ||
@@ -2179,7 +2219,7 @@ static int wps_process_e_snonce1(struct wps_data *wps, const u8 *e_snonce1)
                wpa_printf(MSG_DEBUG, "WPS: E-Hash1 derived from E-S1 does "
                           "not match with the pre-committed value");
                wps->config_error = WPS_CFG_DEV_PASSWORD_AUTH_FAILURE;
-               wps_pwd_auth_fail_event(wps->wps, 0, 1);
+               wps_pwd_auth_fail_event(wps->wps, 0, 1, wps->mac_addr_e);
                return -1;
        }
 
@@ -2220,7 +2260,7 @@ static int wps_process_e_snonce2(struct wps_data *wps, const u8 *e_snonce2)
                           "not match with the pre-committed value");
                wps_registrar_invalidate_pin(wps->wps->registrar, wps->uuid_e);
                wps->config_error = WPS_CFG_DEV_PASSWORD_AUTH_FAILURE;
-               wps_pwd_auth_fail_event(wps->wps, 0, 2);
+               wps_pwd_auth_fail_event(wps->wps, 0, 2, wps->mac_addr_e);
                return -1;
        }
 
@@ -2525,6 +2565,9 @@ static enum wps_process_res wps_process_m1(struct wps_data *wps,
            wps->dev_pw_id != DEV_PW_USER_SPECIFIED &&
            wps->dev_pw_id != DEV_PW_MACHINE_SPECIFIED &&
            wps->dev_pw_id != DEV_PW_REGISTRAR_SPECIFIED &&
+#ifdef CONFIG_WPS_NFC
+           wps->dev_pw_id != DEV_PW_NFC_CONNECTION_HANDOVER &&
+#endif /* CONFIG_WPS_NFC */
            (wps->dev_pw_id != DEV_PW_PUSHBUTTON ||
             !wps->wps->registrar->pbc)) {
                wpa_printf(MSG_DEBUG, "WPS: Unsupported Device Password ID %d",
@@ -2534,14 +2577,17 @@ static enum wps_process_res wps_process_m1(struct wps_data *wps,
        }
 
 #ifdef CONFIG_WPS_NFC
-       if (wps->dev_pw_id >= 0x10) {
+       if (wps->dev_pw_id >= 0x10 ||
+           wps->dev_pw_id == DEV_PW_NFC_CONNECTION_HANDOVER) {
                struct wps_nfc_pw_token *token;
                const u8 *addr[1];
                u8 hash[WPS_HASH_LEN];
 
+               wpa_printf(MSG_DEBUG, "WPS: Searching for NFC token match for id=%d (ctx %p registrar %p)",
+                          wps->dev_pw_id, wps->wps, wps->wps->registrar);
                token = wps_get_nfc_pw_token(
                        &wps->wps->registrar->nfc_pw_tokens, wps->dev_pw_id);
-               if (token) {
+               if (token && token->peer_pk_hash_known) {
                        wpa_printf(MSG_DEBUG, "WPS: Found matching NFC "
                                   "Password Token");
                        dl_list_del(&token->list);
@@ -2553,8 +2599,15 @@ static enum wps_process_res wps_process_m1(struct wps_data *wps,
                                      WPS_OOB_PUBKEY_HASH_LEN) != 0) {
                                wpa_printf(MSG_ERROR, "WPS: Public Key hash "
                                           "mismatch");
-                               return WPS_FAILURE;
+                               wps->state = SEND_M2D;
+                               wps->config_error =
+                                       WPS_CFG_PUBLIC_KEY_HASH_MISMATCH;
+                               return WPS_CONTINUE;
                        }
+               } else if (token) {
+                       wpa_printf(MSG_DEBUG, "WPS: Found matching NFC "
+                                  "Password Token (no peer PK hash)");
+                       wps->nfc_pw_token = token;
                }
        }
 #endif /* CONFIG_WPS_NFC */
@@ -2572,7 +2625,7 @@ static enum wps_process_res wps_process_m1(struct wps_data *wps,
                        wps_pbc_overlap_event(wps->wps);
                        wps_fail_event(wps->wps, WPS_M1,
                                       WPS_CFG_MULTIPLE_PBC_DETECTED,
-                                      WPS_EI_NO_ERROR);
+                                      WPS_EI_NO_ERROR, wps->mac_addr_e);
                        wps->wps->registrar->force_pbc_overlap = 1;
                        return WPS_CONTINUE;
                }
@@ -2902,7 +2955,7 @@ static enum wps_process_res wps_process_wsc_msg(struct wps_data *wps,
                ret = wps_process_m3(wps, msg, &attr);
                if (ret == WPS_FAILURE || wps->state == SEND_WSC_NACK)
                        wps_fail_event(wps->wps, WPS_M3, wps->config_error,
-                                      wps->error_indication);
+                                      wps->error_indication, wps->mac_addr_e);
                break;
        case WPS_M5:
                if (wps_validate_m5(msg) < 0)
@@ -2910,7 +2963,7 @@ static enum wps_process_res wps_process_wsc_msg(struct wps_data *wps,
                ret = wps_process_m5(wps, msg, &attr);
                if (ret == WPS_FAILURE || wps->state == SEND_WSC_NACK)
                        wps_fail_event(wps->wps, WPS_M5, wps->config_error,
-                                      wps->error_indication);
+                                      wps->error_indication, wps->mac_addr_e);
                break;
        case WPS_M7:
                if (wps_validate_m7(msg) < 0)
@@ -2918,7 +2971,7 @@ static enum wps_process_res wps_process_wsc_msg(struct wps_data *wps,
                ret = wps_process_m7(wps, msg, &attr);
                if (ret == WPS_FAILURE || wps->state == SEND_WSC_NACK)
                        wps_fail_event(wps->wps, WPS_M7, wps->config_error,
-                                      wps->error_indication);
+                                      wps->error_indication, wps->mac_addr_e);
                break;
        default:
                wpa_printf(MSG_DEBUG, "WPS: Unsupported Message Type %d",
@@ -3064,19 +3117,19 @@ static enum wps_process_res wps_process_wsc_nack(struct wps_data *wps,
        switch (old_state) {
        case RECV_M3:
                wps_fail_event(wps->wps, WPS_M2, config_error,
-                              wps->error_indication);
+                              wps->error_indication, wps->mac_addr_e);
                break;
        case RECV_M5:
                wps_fail_event(wps->wps, WPS_M4, config_error,
-                              wps->error_indication);
+                              wps->error_indication, wps->mac_addr_e);
                break;
        case RECV_M7:
                wps_fail_event(wps->wps, WPS_M6, config_error,
-                              wps->error_indication);
+                              wps->error_indication, wps->mac_addr_e);
                break;
        case RECV_DONE:
                wps_fail_event(wps->wps, WPS_M8, config_error,
-                              wps->error_indication);
+                              wps->error_indication, wps->mac_addr_e);
                break;
        default:
                break;
@@ -3172,7 +3225,8 @@ static enum wps_process_res wps_process_wsc_done(struct wps_data *wps,
 
        if (wps->new_psk) {
                if (wps_cb_new_psk(wps->wps->registrar, wps->mac_addr_e,
-                                  wps->new_psk, wps->new_psk_len)) {
+                                  wps->p2p_dev_addr, wps->new_psk,
+                                  wps->new_psk_len)) {
                        wpa_printf(MSG_DEBUG, "WPS: Failed to configure the "
                                   "new PSK");
                }
@@ -3188,7 +3242,9 @@ static enum wps_process_res wps_process_wsc_done(struct wps_data *wps,
                                                 wps->uuid_e,
                                                 wps->p2p_dev_addr);
                wps_registrar_pbc_completed(wps->wps->registrar);
-               os_get_time(&wps->wps->registrar->pbc_ignore_start);
+#ifdef WPS_WORKAROUNDS
+               os_get_reltime(&wps->wps->registrar->pbc_ignore_start);
+#endif /* WPS_WORKAROUNDS */
                os_memcpy(wps->wps->registrar->pbc_ignore_uuid, wps->uuid_e,
                          WPS_UUID_LEN);
        } else {
@@ -3197,7 +3253,7 @@ static enum wps_process_res wps_process_wsc_done(struct wps_data *wps,
        /* TODO: maintain AuthorizedMACs somewhere separately for each ER and
         * merge them into APs own list.. */
 
-       wps_success_event(wps->wps);
+       wps_success_event(wps->wps, wps->mac_addr_e);
 
        return WPS_DONE;
 }
@@ -3266,7 +3322,7 @@ enum wps_process_res wps_registrar_process_msg(struct wps_data *wps,
                        wps->state = SEND_WSC_NACK;
                        wps_fail_event(wps->wps, WPS_WSC_DONE,
                                       wps->config_error,
-                                      wps->error_indication);
+                                      wps->error_indication, wps->mac_addr_e);
                }
                return ret;
        default:
@@ -3291,7 +3347,7 @@ static void wps_registrar_set_selected_timeout(void *eloop_ctx,
                   "unselect internal Registrar");
        reg->selected_registrar = 0;
        reg->pbc = 0;
-       wps_registrar_selected_registrar_changed(reg);
+       wps_registrar_selected_registrar_changed(reg, 0);
 }
 
 
@@ -3363,7 +3419,8 @@ static void wps_registrar_sel_reg_union(struct wps_registrar *reg)
  * This function is called when selected registrar state changes, e.g., when an
  * AP receives a SetSelectedRegistrar UPnP message.
  */
-void wps_registrar_selected_registrar_changed(struct wps_registrar *reg)
+void wps_registrar_selected_registrar_changed(struct wps_registrar *reg,
+                                             u16 dev_pw_id)
 {
        wpa_printf(MSG_DEBUG, "WPS: Selected registrar information changed");
 
@@ -3387,7 +3444,8 @@ void wps_registrar_selected_registrar_changed(struct wps_registrar *reg)
                        reg->sel_reg_dev_password_id_override =
                                DEV_PW_PUSHBUTTON;
                        wps_set_pushbutton(&methods, reg->wps->config_methods);
-               }
+               } else if (dev_pw_id)
+                       reg->sel_reg_dev_password_id_override = dev_pw_id;
                wpa_printf(MSG_DEBUG, "WPS: Internal Registrar selected "
                           "(pbc=%d)", reg->pbc);
                reg->sel_reg_config_methods_override = methods;
@@ -3443,7 +3501,7 @@ int wps_registrar_config_ap(struct wps_registrar *reg,
                            struct wps_credential *cred)
 {
 #ifdef CONFIG_WPS2
-       printf("encr_type=0x%x\n", cred->encr_type);
+       wpa_printf(MSG_DEBUG, "WPS: encr_type=0x%x", cred->encr_type);
        if (!(cred->encr_type & (WPS_ENCR_NONE | WPS_ENCR_TKIP |
                                 WPS_ENCR_AES))) {
                if (cred->encr_type & WPS_ENCR_WEP) {
@@ -3483,25 +3541,39 @@ int wps_registrar_config_ap(struct wps_registrar *reg,
 
 int wps_registrar_add_nfc_pw_token(struct wps_registrar *reg,
                                   const u8 *pubkey_hash, u16 pw_id,
-                                  const u8 *dev_pw, size_t dev_pw_len)
+                                  const u8 *dev_pw, size_t dev_pw_len,
+                                  int pk_hash_provided_oob)
 {
        struct wps_nfc_pw_token *token;
 
        if (dev_pw_len > WPS_OOB_DEVICE_PASSWORD_LEN)
                return -1;
 
+       if (pw_id == DEV_PW_NFC_CONNECTION_HANDOVER &&
+           (pubkey_hash == NULL || !pk_hash_provided_oob)) {
+               wpa_printf(MSG_DEBUG, "WPS: Unexpected NFC Password Token "
+                          "addition - missing public key hash");
+               return -1;
+       }
+
        wps_free_nfc_pw_tokens(&reg->nfc_pw_tokens, pw_id);
 
        token = os_zalloc(sizeof(*token));
        if (token == NULL)
                return -1;
 
-       os_memcpy(token->pubkey_hash, pubkey_hash, WPS_OOB_PUBKEY_HASH_LEN);
+       token->peer_pk_hash_known = pubkey_hash != NULL;
+       if (pubkey_hash)
+               os_memcpy(token->pubkey_hash, pubkey_hash,
+                         WPS_OOB_PUBKEY_HASH_LEN);
        token->pw_id = pw_id;
-       wpa_snprintf_hex_uppercase((char *) token->dev_pw,
-                                  sizeof(token->dev_pw),
-                                  dev_pw, dev_pw_len);
-       token->dev_pw_len = dev_pw_len * 2;
+       token->pk_hash_provided_oob = pk_hash_provided_oob;
+       if (dev_pw) {
+               wpa_snprintf_hex_uppercase((char *) token->dev_pw,
+                                          sizeof(token->dev_pw),
+                                          dev_pw, dev_pw_len);
+               token->dev_pw_len = dev_pw_len * 2;
+       }
 
        dl_list_add(&reg->nfc_pw_tokens, &token->list);
 
@@ -3509,12 +3581,15 @@ int wps_registrar_add_nfc_pw_token(struct wps_registrar *reg,
        reg->pbc = 0;
        wps_registrar_add_authorized_mac(reg,
                                         (u8 *) "\xff\xff\xff\xff\xff\xff");
-       wps_registrar_selected_registrar_changed(reg);
+       wps_registrar_selected_registrar_changed(reg, pw_id);
        eloop_cancel_timeout(wps_registrar_set_selected_timeout, reg, NULL);
        eloop_register_timeout(WPS_PBC_WALK_TIME, 0,
                               wps_registrar_set_selected_timeout,
                               reg, NULL);
 
+       wpa_printf(MSG_DEBUG, "WPS: Added NFC Device Password %u to Registrar",
+                  pw_id);
+
        return 0;
 }
 
@@ -3527,8 +3602,7 @@ int wps_registrar_add_nfc_password_token(struct wps_registrar *reg,
        u16 id;
        size_t dev_pw_len;
 
-       if (oob_dev_pw_len < WPS_OOB_PUBKEY_HASH_LEN + 2 +
-           WPS_OOB_DEVICE_PASSWORD_MIN_LEN ||
+       if (oob_dev_pw_len < WPS_OOB_PUBKEY_HASH_LEN + 2 ||
            oob_dev_pw_len > WPS_OOB_PUBKEY_HASH_LEN + 2 +
            WPS_OOB_DEVICE_PASSWORD_LEN)
                return -1;
@@ -3547,7 +3621,7 @@ int wps_registrar_add_nfc_password_token(struct wps_registrar *reg,
        wpa_hexdump_key(MSG_DEBUG, "WPS: Device Password", dev_pw, dev_pw_len);
 
        return wps_registrar_add_nfc_pw_token(reg, hash, id, dev_pw,
-                                             dev_pw_len);
+                                             dev_pw_len, 0);
 }
 
 
@@ -3556,7 +3630,15 @@ void wps_registrar_remove_nfc_pw_token(struct wps_registrar *reg,
 {
        wps_registrar_remove_authorized_mac(reg,
                                            (u8 *) "\xff\xff\xff\xff\xff\xff");
-       wps_registrar_selected_registrar_changed(reg);
+       wps_registrar_selected_registrar_changed(reg, 0);
+
+       /*
+        * Free the NFC password token if it was used only for a single protocol
+        * run. The static handover case uses the same password token multiple
+        * times, so do not free that case here.
+        */
+       if (token->peer_pk_hash_known)
+               os_free(token);
 }
 
 #endif /* CONFIG_WPS_NFC */
Unnamed repository; edit this file 'description' to name the repository.