From 4625a47f4bb722710a5e622085ccd2b32ebaf6c9 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Wed, 10 Jun 2009 15:53:35 +0300 Subject: [PATCH] WPS: Change wpa_supplicant wps_reg to not send out M8 Since we do not currently support changing the AP settings received from M7, there is no point in actually sending out the M8 that would likely trigger the AP to reconfigure itself and potentially reboot. For now, we just receive the AP settings in M7 and add a local network configuration block based on those, but NACK the message. This makes wps_reg work like wps_pin, but by using the AP PIN instead of a client PIN. --- src/wps/wps_registrar.c | 52 +++++++++++++++++++++++++-------------- wpa_supplicant/README-WPS | 7 +++++- 2 files changed, 39 insertions(+), 20 deletions(-) diff --git a/src/wps/wps_registrar.c b/src/wps/wps_registrar.c index 0bbde67a9..185db8c0c 100644 --- a/src/wps/wps_registrar.c +++ b/src/wps/wps_registrar.c @@ -2019,6 +2019,28 @@ static enum wps_process_res wps_process_m5(struct wps_data *wps, } +static void wps_sta_cred_cb(struct wps_data *wps) +{ + /* + * Update credential to only include a single authentication and + * encryption type in case the AP configuration includes more than one + * option. + */ + if (wps->cred.auth_type & WPS_AUTH_WPA2PSK) + wps->cred.auth_type = WPS_AUTH_WPA2PSK; + else if (wps->cred.auth_type & WPS_AUTH_WPAPSK) + wps->cred.auth_type = WPS_AUTH_WPAPSK; + if (wps->cred.encr_type & WPS_ENCR_AES) + wps->cred.encr_type = WPS_ENCR_AES; + else if (wps->cred.encr_type & WPS_ENCR_TKIP) + wps->cred.encr_type = WPS_ENCR_TKIP; + wpa_printf(MSG_DEBUG, "WPS: Update local configuration based on the " + "AP configuration"); + if (wps->wps->cred_cb) + wps->wps->cred_cb(wps->wps->cb_ctx, &wps->cred); +} + + static int wps_process_ap_settings_r(struct wps_data *wps, struct wps_parse_attr *attr) { @@ -2031,12 +2053,21 @@ static int wps_process_ap_settings_r(struct wps_data *wps, wpa_printf(MSG_INFO, "WPS: Received old AP configuration from AP"); +#if 0 /* * TODO: Provide access to AP settings and allow changes before sending * out M8. For now, just copy the settings unchanged into M8. */ return 0; +#else + /* + * For now, use the AP PIN only to receive the current AP settings, + * not to reconfigure the AP. + */ + wps_sta_cred_cb(wps); + return 1; +#endif } @@ -2404,25 +2435,8 @@ static enum wps_process_res wps_process_wsc_done(struct wps_data *wps, wps->new_psk = NULL; } - if (!wps->wps->ap) { - /* - * Update credential to only include a single authentication - * and encryption type in case the AP configuration includes - * more than one option. - */ - if (wps->cred.auth_type & WPS_AUTH_WPA2PSK) - wps->cred.auth_type = WPS_AUTH_WPA2PSK; - else if (wps->cred.auth_type & WPS_AUTH_WPAPSK) - wps->cred.auth_type = WPS_AUTH_WPAPSK; - if (wps->cred.encr_type & WPS_ENCR_AES) - wps->cred.encr_type = WPS_ENCR_AES; - else if (wps->cred.encr_type & WPS_ENCR_TKIP) - wps->cred.encr_type = WPS_ENCR_TKIP; - wpa_printf(MSG_DEBUG, "WPS: Update local configuration based " - "on the modified AP configuration"); - if (wps->wps->cred_cb) - wps->wps->cred_cb(wps->wps->cb_ctx, &wps->cred); - } + if (!wps->wps->ap) + wps_sta_cred_cb(wps); if (wps->new_psk) { if (wps_cb_new_psk(wps->wps->registrar, wps->mac_addr_e, diff --git a/wpa_supplicant/README-WPS b/wpa_supplicant/README-WPS index 7fd358dbe..6b826a794 100644 --- a/wpa_supplicant/README-WPS +++ b/wpa_supplicant/README-WPS @@ -131,13 +131,18 @@ negotiation which will generate a new WPA PSK in the same way as the PIN method described above. -If the client wants to operation in the Registrar role to configure an +If the client wants to operate in the Registrar role to configure an AP, wpa_supplicant is notified over the control interface, e.g., with wpa_cli: wpa_cli wps_reg (example: wpa_cli wps_reg 02:34:56:78:9a:bc 12345670) +This is currently only used to fetch the current AP settings instead +of actually changing them. The main difference with the wps_pin +command is that wps_reg uses the AP PIN (e.g., from a label on the AP) +instead of a PIN generated at the client. + Scanning --------