Accueil Explorer Aide
S'inscrire Connexion
wareck
/
krackattacks
1
0
Fork 0
Fichiers Tickets 0 Pull Requests 0 Wiki
Parcourir la source

Added ap_settings option for overriding WPS AP Settings in M7

This optional configuration parameter can be used to override AP
Settings attributes in M7 similarly to extra_cred option for Credential
attribute(s) in M8.
Jouni Malinen il y a 16 ans
Parent
6296625308
commit
4c29cae932
6 fichiers modifiés avec 56 ajouts et 8 suppressions
Vue séparée Afficher les stats Diff
  1. 11 0
      hostapd/config.c
  2. 2 0
      hostapd/config.h
  3. 7 0
      hostapd/hostapd.conf
  4. 3 0
      hostapd/wps_hostapd.c
  5. 13 0
      src/wps/wps.h
  6. 20 8
      src/wps/wps_enrollee.c

+ 11 - 0
hostapd/config.c
Voir le fichier 

@@ -2229,6 +2229,16 @@ struct hostapd_config * hostapd_config_read(const char *fname)
 
 			}
 
 		} else if (os_strcmp(buf, "wps_cred_processing") == 0) {
 
 			bss->wps_cred_processing = atoi(pos);
 
+		} else if (os_strcmp(buf, "ap_settings") == 0) {
 
+			os_free(bss->ap_settings);
 
+			bss->ap_settings =
 
+				(u8 *) os_readfile(pos, &bss->ap_settings_len);
 
+			if (bss->ap_settings == NULL) {
 
+				wpa_printf(MSG_ERROR, "Line %d: could not "
 
+					   "read AP Settings from '%s'",
 
+					   line, pos);
 
+				errors++;
 
+			}
 
 #endif /* CONFIG_WPS */
 
 		} else {
 
 			wpa_printf(MSG_ERROR, "Line %d: unknown configuration "
 
@@ -2435,6 +2445,7 @@ static void hostapd_config_free_bss(struct hostapd_bss_config *conf)
 
 	os_free(conf->config_methods);
 
 	os_free(conf->ap_pin);
 
 	os_free(conf->extra_cred);
 
+	os_free(conf->ap_settings);
 
 #endif /* CONFIG_WPS */
 
 }

+ 2 - 0
hostapd/config.h
Voir le fichier 

@@ -304,6 +304,8 @@ struct hostapd_bss_config {
 
 	u8 *extra_cred;
 
 	size_t extra_cred_len;
 
 	int wps_cred_processing;
 
+	u8 *ap_settings;
 
+	size_t ap_settings_len;
 
 #endif /* CONFIG_WPS */
 
 };

+ 7 - 0
hostapd/hostapd.conf
Voir le fichier 

@@ -958,6 +958,13 @@ own_ip_addr=127.0.0.1
 
 # extra_cred be used to provide the Credential data for Enrollees.
 
 #wps_cred_processing=0
 
 
+# AP Settings Attributes for M7
 
+# By default, hostapd generates the AP Settings Attributes for M7 based on the
 
+# current configuration. It is possible to override this by providing a file
 
+# with pre-configured attributes. This is similar to extra_cred file format,
 
+# but the AP Settings attributes are not encapsulated in a Credential
 
+# attribute.
 
+#ap_settings=hostapd.ap_settings
 
 
 ##### Multiple BSSID support ##################################################
 
 #

+ 3 - 0
hostapd/wps_hostapd.c
Voir le fichier 

@@ -545,6 +545,9 @@ int hostapd_init_wps(struct hostapd_data *hapd,
 
 		wps->encr_types = WPS_ENCR_AES | WPS_ENCR_TKIP;
 
 	}
 
 
+	wps->ap_settings = conf->ap_settings;
 
+	wps->ap_settings_len = conf->ap_settings_len;
 
+
 
 	cfg.new_psk_cb = hostapd_wps_new_psk_cb;
 
 	cfg.set_ie_cb = hostapd_wps_set_ie_cb;
 
 	cfg.pin_needed_cb = hostapd_wps_pin_needed_cb;

+ 13 - 0
src/wps/wps.h
Voir le fichier 

@@ -396,6 +396,19 @@ struct wps_context {
 
 	 */
 
 	size_t network_key_len;
 
 
+	/**
 
+	 * ap_settings - AP Settings override for M7 (only used at AP)
 
+	 *
 
+	 * If %NULL, AP Settings attributes will be generated based on the
 
+	 * current network configuration.
 
+	 */
 
+	u8 *ap_settings;
 
+
 
+	/**
 
+	 * ap_settings_len - Length of ap_settings in octets
 
+	 */
 
+	size_t ap_settings_len;
 
+
 
 	/**
 
 	 * cred_cb - Callback to notify that new Credentials were received
 
 	 * @ctx: Higher layer context data (cb_ctx)

+ 20 - 8
src/wps/wps_enrollee.c
Voir le fichier 

@@ -268,17 +268,34 @@ static int wps_build_cred_mac_addr(struct wps_data *wps, struct wpabuf *msg)
 
 }
 
 
 
+static int wps_build_ap_settings(struct wps_data *wps, struct wpabuf *plain)
 
+{
 
+	if (wps->wps->ap_settings) {
 
+		wpa_printf(MSG_DEBUG, "WPS:  * AP Settings (pre-configured)");
 
+		wpabuf_put_data(plain, wps->wps->ap_settings,
 
+				wps->wps->ap_settings_len);
 
+		return 0;
 
+	}
 
+
 
+	return wps_build_cred_ssid(wps, plain) ||
 
+		wps_build_cred_mac_addr(wps, plain) ||
 
+		wps_build_cred_auth_type(wps, plain) ||
 
+		wps_build_cred_encr_type(wps, plain) ||
 
+		wps_build_cred_network_key(wps, plain);
 
+}
 
+
 
+
 
 static struct wpabuf * wps_build_m7(struct wps_data *wps)
 
 {
 
 	struct wpabuf *msg, *plain;
 
 
 	wpa_printf(MSG_DEBUG, "WPS: Building Message M7");
 
 
-	plain = wpabuf_alloc(500);
 
+	plain = wpabuf_alloc(500 + wps->wps->ap_settings_len);
 
 	if (plain == NULL)
 
 		return NULL;
 
 
-	msg = wpabuf_alloc(1000);
 
+	msg = wpabuf_alloc(1000 + wps->wps->ap_settings_len);
 
 	if (msg == NULL) {
 
 		wpabuf_free(plain);
 
 		return NULL;
 
@@ -288,12 +305,7 @@ static struct wpabuf * wps_build_m7(struct wps_data *wps)
 
 	    wps_build_msg_type(msg, WPS_M7) ||
 
 	    wps_build_registrar_nonce(wps, msg) ||
 
 	    wps_build_e_snonce2(wps, plain) ||
 
-	    (wps->wps->ap &&
 
-	     (wps_build_cred_ssid(wps, plain) ||
 
-	      wps_build_cred_mac_addr(wps, plain) ||
 
-	      wps_build_cred_auth_type(wps, plain) ||
 
-	      wps_build_cred_encr_type(wps, plain) ||
 
-	      wps_build_cred_network_key(wps, plain))) ||
 
+	    (wps->wps->ap && wps_build_ap_settings(wps, plain)) ||
 
 	    wps_build_key_wrap_auth(wps, plain) ||
 
 	    wps_build_encr_settings(wps, msg, plain) ||
 
 	    wps_build_authenticator(wps, msg)) {