diff --git a/src/wps/wps.h b/src/wps/wps.h index 85d279c73..a85d60073 100644 --- a/src/wps/wps.h +++ b/src/wps/wps.h @@ -43,7 +43,7 @@ struct wps_er; * @key_idx: Key index * @key: Key * @key_len: Key length in octets - * @mac_addr: MAC address of the peer + * @mac_addr: MAC address of the Credential receiver * @cred_attr: Unparsed Credential attribute data (used only in cred_cb()); * this may be %NULL, if not used * @cred_attr_len: Length of cred_attr in octets diff --git a/src/wps/wps_enrollee.c b/src/wps/wps_enrollee.c index df2c08670..a7b8227e7 100644 --- a/src/wps/wps_enrollee.c +++ b/src/wps/wps_enrollee.c @@ -680,6 +680,21 @@ static int wps_process_cred_e(struct wps_data *wps, const u8 *cred, wps_process_cred(&attr, &wps->cred)) return -1; + if (os_memcmp(wps->cred.mac_addr, wps->wps->dev.mac_addr, ETH_ALEN) != + 0) { + wpa_printf(MSG_DEBUG, "WPS: MAC Address in the Credential (" + MACSTR ") does not match with own address (" MACSTR + ")", MAC2STR(wps->cred.mac_addr), + MAC2STR(wps->wps->dev.mac_addr)); + /* + * In theory, this could be consider fatal error, but there are + * number of deployed implementations using other address here + * due to unclarity in the specification. For interoperability + * reasons, allow this to be processed since we do not really + * use the MAC Address information for anything. + */ + } + if (wps->wps->cred_cb) { wps->cred.cred_attr = cred - 4; wps->cred.cred_attr_len = cred_len + 4; @@ -730,6 +745,21 @@ static int wps_process_ap_settings_e(struct wps_data *wps, wpa_printf(MSG_INFO, "WPS: Received new AP configuration from " "Registrar"); + if (os_memcmp(cred.mac_addr, wps->wps->dev.mac_addr, ETH_ALEN) != + 0) { + wpa_printf(MSG_DEBUG, "WPS: MAC Address in the AP Settings (" + MACSTR ") does not match with own address (" MACSTR + ")", MAC2STR(cred.mac_addr), + MAC2STR(wps->wps->dev.mac_addr)); + /* + * In theory, this could be consider fatal error, but there are + * number of deployed implementations using other address here + * due to unclarity in the specification. For interoperability + * reasons, allow this to be processed since we do not really + * use the MAC Address information for anything. + */ + } + if (wps->wps->cred_cb) { cred.cred_attr = wpabuf_head(attrs); cred.cred_attr_len = wpabuf_len(attrs); diff --git a/src/wps/wps_registrar.c b/src/wps/wps_registrar.c index 4c0107da8..edd4b5abf 100644 --- a/src/wps/wps_registrar.c +++ b/src/wps/wps_registrar.c @@ -1231,8 +1231,10 @@ int wps_build_cred(struct wps_data *wps, struct wpabuf *msg) } } wps->cred.encr_type = wps->encr_type; - /* Set MAC address in the Credential to be the AP's address (BSSID) */ - os_memcpy(wps->cred.mac_addr, wps->wps->dev.mac_addr, ETH_ALEN); + /* + * Set MAC address in the Credential to be the Enrollee's MAC address + */ + os_memcpy(wps->cred.mac_addr, wps->mac_addr_e, ETH_ALEN); if (wps->wps->wps_state == WPS_STATE_NOT_CONFIGURED && wps->wps->ap && !wps->wps->registrar->disable_auto_conf) {