From 84751b98c151f70c322b6b7f70d967400e147852 Mon Sep 17 00:00:00 2001 From: Ganesh Prasadh Date: Wed, 8 Feb 2012 12:37:57 +0200 Subject: [PATCH] WPS: Allow wildcard UUID PIN to be used twice Previously, PINs that are added with a wildcard UUID were allowed to be used only by a single Enrollee. However, there may be more than one Enrollee trying to connect when an AP indicates that active Registrar is present. As a minimal workaround, allow two Enrollees to try to use the wildcard PIN. More complete extension could use timeout and allow larger set of Enrollees to try to connect (while still keeping in mind PIN disabling requirement after 10 failed attempts). Signed-hostap: Jouni Malinen --- src/wps/wps_registrar.c | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/src/wps/wps_registrar.c b/src/wps/wps_registrar.c index e5e8d287f..9eb479563 100644 --- a/src/wps/wps_registrar.c +++ b/src/wps/wps_registrar.c @@ -804,10 +804,11 @@ static const u8 * wps_registrar_get_pin(struct wps_registrar *reg, /* Check for wildcard UUIDs since none of the UUID-specific * PINs matched */ dl_list_for_each(pin, ®->pins, struct wps_uuid_pin, list) { - if (pin->wildcard_uuid == 1) { + if (pin->wildcard_uuid == 1 || + pin->wildcard_uuid == 2) { wpa_printf(MSG_DEBUG, "WPS: Found a wildcard " "PIN. Assigned it for this UUID-E"); - pin->wildcard_uuid = 2; + pin->wildcard_uuid++; os_memcpy(pin->uuid, uuid, WPS_UUID_LEN); found = pin; break; @@ -849,7 +850,7 @@ int wps_registrar_unlock_pin(struct wps_registrar *reg, const u8 *uuid) dl_list_for_each(pin, ®->pins, struct wps_uuid_pin, list) { if (os_memcmp(pin->uuid, uuid, WPS_UUID_LEN) == 0) { - if (pin->wildcard_uuid == 2) { + if (pin->wildcard_uuid == 3) { wpa_printf(MSG_DEBUG, "WPS: Invalidating used " "wildcard PIN"); return wps_registrar_invalidate_pin(reg, uuid); @@ -2104,6 +2105,13 @@ static int wps_process_e_snonce2(struct wps_data *wps, const u8 *e_snonce2) wps->wps_pin_revealed = 0; wps_registrar_unlock_pin(wps->wps->registrar, wps->uuid_e); + /* + * In case wildcard PIN is used and WPS handshake succeeds in the first + * attempt, wps_registrar_unlock_pin() would not free the PIN, so make + * sure the PIN gets invalidated here. + */ + wps_registrar_invalidate_pin(wps->wps->registrar, wps->uuid_e); + return 0; }