diff --git a/components/wpa_supplicant/Kconfig b/components/wpa_supplicant/Kconfig index 451bb78fff..8f62a22427 100644 --- a/components/wpa_supplicant/Kconfig +++ b/components/wpa_supplicant/Kconfig @@ -12,4 +12,23 @@ menu "Supplicant" help Select this to enable TLS v1.2 for WPA2-Enterprise Authentication. + config WPA_WPS_WARS + bool "Add WPS Inter operatability Fixes" + default n + help + Select this option to enable WPS related IOT fixes with + different APs. This option fixes IOT related issues with + APs which do not follow some of the standards of WPS-2.0 + specification. These do not include any of the security + related bypassing, just simple configuration corrections. + + Current fixes under this flag. + 1. Allow NULL-padded WPS attributes: Some APs keep NULL-padding + at the end of some variable length WPS Attributes. + This is not as par the WPS2.0 specs, but to avoid interop issues, + ignore the padding by reducing the attribute length by 1. + 2. Bypass WPS-Config method validation: Some APs set display/pbc + button bit without setting virtual/physical display/button bit which + will cause M2 validation fail, bypassing WPS-Config method validation. + endmenu diff --git a/components/wpa_supplicant/src/wps/wps_attr_parse.c b/components/wpa_supplicant/src/wps/wps_attr_parse.c index dfe9b5359d..143be1186a 100644 --- a/components/wpa_supplicant/src/wps/wps_attr_parse.c +++ b/components/wpa_supplicant/src/wps/wps_attr_parse.c @@ -128,10 +128,44 @@ static int wps_parse_vendor_ext(struct wps_parse_attr *attr, const u8 *pos, return 0; } +static u16 wps_ignore_null_padding_in_attr(const u8 *pos, u16 type, u16 attr_data_len) +{ + u16 len = attr_data_len; + + if (len == 0) + return 0; +#ifdef CONFIG_WPA_WPS_WARS + /* + * Some AP's keep NULL-padding at the end of some variable length WPS Attributes. + * This is not as par the WPS2.0 specs, but to avoid interop issues, ignore the + * padding by reducing the attribute length by 1. + */ + switch (type) { + case ATTR_MANUFACTURER: + case ATTR_MODEL_NAME: + case ATTR_MODEL_NUMBER: + case ATTR_SERIAL_NUMBER: + case ATTR_DEV_NAME: + case ATTR_SSID: + case ATTR_NETWORK_KEY: + if (pos[len - 1] == 0) + len--; + break; + default: + break; + } +#endif + + return len; +} static int wps_set_attr(struct wps_parse_attr *attr, u16 type, - const u8 *pos, u16 len) + const u8 *pos, u16 attr_data_len) { + u16 len; + + len = wps_ignore_null_padding_in_attr(pos, type, attr_data_len); + switch (type) { case ATTR_VERSION: if (len != 1) { @@ -637,4 +671,4 @@ int wps_parse_msg(const struct wpabuf *msg, struct wps_parse_attr *attr) } return 0; -} \ No newline at end of file +} diff --git a/components/wpa_supplicant/src/wps/wps_validate.c b/components/wpa_supplicant/src/wps/wps_validate.c index de0a46e7dd..4bbe0ffb1b 100644 --- a/components/wpa_supplicant/src/wps/wps_validate.c +++ b/components/wpa_supplicant/src/wps/wps_validate.c @@ -95,6 +95,7 @@ static int wps_validate_response_type(const u8 *response_type, int mandatory) static int valid_config_methods(u16 val, int wps2) { +#ifndef CONFIG_WPA_WPS_WARS if (wps2) { if (!(val & 0x6000) && (val & WPS_CONFIG_DISPLAY)) { wpa_printf(MSG_INFO, "WPS-STRICT: Display flag " @@ -108,6 +109,7 @@ static int valid_config_methods(u16 val, int wps2) } } +#endif return 1; }