]> git.ipfire.org Git - thirdparty/hostap.git/commit
projects / thirdparty / hostap.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 002b49e) | patch
WPS: Do not increment wildcard_uuid when pin is locked
authorLior David <qca_liord@qca.qualcomm.com>
Thu, 28 Sep 2017 18:55:09 +0000 (21:55 +0300)
committerJouni Malinen <j@w1.fi>
Tue, 3 Oct 2017 16:19:01 +0000 (19:19 +0300)
commitfa4b605a0d1dcbd32a5038d61b90b8efd1ec7645
tree1fc9ce6613b49fe7a451d2223ba1c8dae4656d48tree
parent002b49ed074e06ffdb6c7800e4976996ef069d67commit | diff
WPS: Do not increment wildcard_uuid when pin is locked

Commit 84751b98c151f70c322b6b7f70d967400e147852 ('WPS: Allow wildcard
UUID PIN to be used twice') relaxed the constraints on how many time a
wildcard PIN can be used to allow two attempts. However, it did this in
a way that could result in concurrent attempts resulting in the wildcard
PIN being invalidated even without the second attempt actually going as
far as trying to use the PIN and a WPS protocol run.

wildcard_uuid is a flag/counter set for wildcard PINs and it is
incremented whenever the PIN is retrieved by wps_registrar_get_pin().
Eventually it causes the wildcard PIN to be released, effectively
limiting the number of registration attempts with a wildcard PIN.

With the previous implementation, when the PIN is in use and locked
(PIN_LOCKED), it is not returned from wps_registrar_get_pin() but
wildcard_uuid is still incremented which can cause the PIN to be
released earlier and stations will have fewer registration attempts with
it. Fix this scenario by only incrementing wildcard_uuid if the PIN is
actually going to be returned and used.

Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>
src/wps/wps_registrar.c diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.