From 2e7144451697738f55f2864cbc5d7116443fe6c8 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Sun, 1 Nov 2009 21:59:30 +0200 Subject: [PATCH] WPS: Abort ongoing PBC protocol run if session overlap is detected If PBC session overlap is detected during an ongoing PBC protocol run, reject the run (if M8, i.e., credentials, have not yet been sent). This provides a bit longer monitoring time at the Registrar for PBC mode to catch some cases where two Enrollees in PBC mode try to enroll credentials at about the same time. --- src/wps/wps_registrar.c | 36 +++++++++++++++++++++++++++++++++++- 1 file changed, 35 insertions(+), 1 deletion(-) diff --git a/src/wps/wps_registrar.c b/src/wps/wps_registrar.c index 760178d73..9b66d9361 100644 --- a/src/wps/wps_registrar.c +++ b/src/wps/wps_registrar.c @@ -114,6 +114,8 @@ struct wps_registrar { int static_wep_only; struct wps_registrar_device *devices; + + int force_pbc_overlap; }; @@ -715,6 +717,7 @@ int wps_registrar_button_pushed(struct wps_registrar *reg) return -1; } wpa_printf(MSG_DEBUG, "WPS: Button pushed - PBC mode started"); + reg->force_pbc_overlap = 0; reg->selected_registrar = 1; reg->pbc = 1; wps_set_ie(reg); @@ -776,6 +779,11 @@ void wps_registrar_probe_req_rx(struct wps_registrar *reg, const u8 *addr, MACSTR, MAC2STR(addr)); wps_registrar_add_pbc_session(reg, addr, attr.uuid_e); + if (wps_registrar_pbc_overlap(reg, addr, attr.uuid_e)) { + wpa_printf(MSG_DEBUG, "WPS: PBC session overlap detected"); + reg->force_pbc_overlap = 1; + wps_pbc_overlap_event(reg->wps); + } } @@ -2011,13 +2019,15 @@ static enum wps_process_res wps_process_m1(struct wps_data *wps, #endif /* CONFIG_WPS_OOB */ if (wps->dev_pw_id == DEV_PW_PUSHBUTTON) { - if (wps_registrar_pbc_overlap(wps->wps->registrar, + if (wps->wps->registrar->force_pbc_overlap || + wps_registrar_pbc_overlap(wps->wps->registrar, wps->mac_addr_e, wps->uuid_e)) { wpa_printf(MSG_DEBUG, "WPS: PBC overlap - deny PBC " "negotiation"); wps->state = SEND_M2D; wps->config_error = WPS_CFG_MULTIPLE_PBC_DETECTED; wps_pbc_overlap_event(wps->wps); + wps->wps->registrar->force_pbc_overlap = 1; return WPS_CONTINUE; } wps_registrar_add_pbc_session(wps->wps->registrar, @@ -2043,6 +2053,14 @@ static enum wps_process_res wps_process_m3(struct wps_data *wps, return WPS_CONTINUE; } + if (wps->pbc && wps->wps->registrar->force_pbc_overlap) { + wpa_printf(MSG_DEBUG, "WPS: Reject negotiation due to PBC " + "session overlap"); + wps->state = SEND_WSC_NACK; + wps->config_error = WPS_CFG_MULTIPLE_PBC_DETECTED; + return WPS_CONTINUE; + } + if (wps_process_registrar_nonce(wps, attr->registrar_nonce) || wps_process_authenticator(wps, attr->authenticator, msg) || wps_process_e_hash1(wps, attr->e_hash1) || @@ -2072,6 +2090,14 @@ static enum wps_process_res wps_process_m5(struct wps_data *wps, return WPS_CONTINUE; } + if (wps->pbc && wps->wps->registrar->force_pbc_overlap) { + wpa_printf(MSG_DEBUG, "WPS: Reject negotiation due to PBC " + "session overlap"); + wps->state = SEND_WSC_NACK; + wps->config_error = WPS_CFG_MULTIPLE_PBC_DETECTED; + return WPS_CONTINUE; + } + if (wps_process_registrar_nonce(wps, attr->registrar_nonce) || wps_process_authenticator(wps, attr->authenticator, msg)) { wps->state = SEND_WSC_NACK; @@ -2182,6 +2208,14 @@ static enum wps_process_res wps_process_m7(struct wps_data *wps, return WPS_CONTINUE; } + if (wps->pbc && wps->wps->registrar->force_pbc_overlap) { + wpa_printf(MSG_DEBUG, "WPS: Reject negotiation due to PBC " + "session overlap"); + wps->state = SEND_WSC_NACK; + wps->config_error = WPS_CFG_MULTIPLE_PBC_DETECTED; + return WPS_CONTINUE; + } + if (wps_process_registrar_nonce(wps, attr->registrar_nonce) || wps_process_authenticator(wps, attr->authenticator, msg)) { wps->state = SEND_WSC_NACK;