WPS: Interpret zero length ap_pin hostapd.conf parameter as "unset"

hostapd allows arbitrary AP PIN to be used in WPS. This means that
setting ap_pin to a zero length string ends up enabling AP PIN so that
external registrars can use this specific zero lenth ap_pin value. There
are apparently some APs that have used this invalid configuration with
unintended results. While the proper fix for that is to fix the
component that generates the invalid configuration, hostapd can also
reject such values since the likelihood of a real world use case for
zero length AP PIN (Device Password) is minimal.

Start interpreting zero length ap_pin parameter value as a request to
"unset" the previously set value in hostapd.conf (or if not previously
set, leave it unset). With this, a hostapd.conf file including the
"ap_pin=" line will end up getting interpretted just like that same file
with the ap_pin parameter completely removed, i.e., with AP PIN being
disabled.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

diff --git a/hostapd/config_file.c b/hostapd/config_file.c
index a398bb1182fa6cfe66dd7a372a92dbc7a1ccc89e..cc799d4820f0dd91fb12ab3c9790870c85a2adba 100644 (file)
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -3147,7 +3147,10 @@ static int hostapd_config_fill(struct hostapd_config *conf,
                }
        } else if (os_strcmp(buf, "ap_pin") == 0) {
                os_free(bss->ap_pin);
-               bss->ap_pin = os_strdup(pos);
+               if (*pos == '\0')
+                       bss->ap_pin = NULL;
+               else
+                       bss->ap_pin = os_strdup(pos);
        } else if (os_strcmp(buf, "skip_cred_build") == 0) {
                bss->skip_cred_build = atoi(pos);
        } else if (os_strcmp(buf, "extra_cred") == 0) {