Line data Source code
1 : /*
2 : * Wi-Fi Protected Setup
3 : * Copyright (c) 2007-2009, Jouni Malinen <j@w1.fi>
4 : *
5 : * This software may be distributed under the terms of the BSD license.
6 : * See README for more details.
7 : */
8 :
9 : #include "includes.h"
10 :
11 : #include "common.h"
12 : #include "crypto/dh_group5.h"
13 : #include "common/ieee802_11_defs.h"
14 : #include "wps_i.h"
15 : #include "wps_dev_attr.h"
16 :
17 :
18 : #ifdef CONFIG_WPS_TESTING
19 : int wps_version_number = 0x20;
20 : int wps_testing_dummy_cred = 0;
21 : int wps_corrupt_pkhash = 0;
22 : int wps_force_auth_types_in_use = 0;
23 : u16 wps_force_auth_types = 0;
24 : int wps_force_encr_types_in_use = 0;
25 : u16 wps_force_encr_types = 0;
26 : #endif /* CONFIG_WPS_TESTING */
27 :
28 :
29 : /**
30 : * wps_init - Initialize WPS Registration protocol data
31 : * @cfg: WPS configuration
32 : * Returns: Pointer to allocated data or %NULL on failure
33 : *
34 : * This function is used to initialize WPS data for a registration protocol
35 : * instance (i.e., each run of registration protocol as a Registrar of
36 : * Enrollee. The caller is responsible for freeing this data after the
37 : * registration run has been completed by calling wps_deinit().
38 : */
39 1144 : struct wps_data * wps_init(const struct wps_config *cfg)
40 : {
41 1144 : struct wps_data *data = os_zalloc(sizeof(*data));
42 1144 : if (data == NULL)
43 2 : return NULL;
44 1142 : data->wps = cfg->wps;
45 1142 : data->registrar = cfg->registrar;
46 1142 : if (cfg->registrar) {
47 590 : os_memcpy(data->uuid_r, cfg->wps->uuid, WPS_UUID_LEN);
48 : } else {
49 552 : os_memcpy(data->mac_addr_e, cfg->wps->dev.mac_addr, ETH_ALEN);
50 552 : os_memcpy(data->uuid_e, cfg->wps->uuid, WPS_UUID_LEN);
51 : }
52 1142 : if (cfg->pin) {
53 481 : data->dev_pw_id = cfg->dev_pw_id;
54 481 : data->dev_password = os_malloc(cfg->pin_len);
55 481 : if (data->dev_password == NULL) {
56 1 : os_free(data);
57 1 : return NULL;
58 : }
59 480 : os_memcpy(data->dev_password, cfg->pin, cfg->pin_len);
60 480 : data->dev_password_len = cfg->pin_len;
61 960 : wpa_hexdump_key(MSG_DEBUG, "WPS: AP PIN dev_password",
62 480 : data->dev_password, data->dev_password_len);
63 : }
64 :
65 : #ifdef CONFIG_WPS_NFC
66 1802 : if (cfg->pin == NULL &&
67 661 : cfg->dev_pw_id == DEV_PW_NFC_CONNECTION_HANDOVER)
68 18 : data->dev_pw_id = cfg->dev_pw_id;
69 :
70 1141 : if (cfg->wps->ap && !cfg->registrar && cfg->wps->ap_nfc_dev_pw_id) {
71 : /* Keep AP PIN as alternative Device Password */
72 1 : data->alt_dev_pw_id = data->dev_pw_id;
73 1 : data->alt_dev_password = data->dev_password;
74 1 : data->alt_dev_password_len = data->dev_password_len;
75 :
76 1 : data->dev_pw_id = cfg->wps->ap_nfc_dev_pw_id;
77 1 : data->dev_password =
78 1 : os_malloc(wpabuf_len(cfg->wps->ap_nfc_dev_pw));
79 1 : if (data->dev_password == NULL) {
80 0 : os_free(data);
81 0 : return NULL;
82 : }
83 1 : os_memcpy(data->dev_password,
84 : wpabuf_head(cfg->wps->ap_nfc_dev_pw),
85 : wpabuf_len(cfg->wps->ap_nfc_dev_pw));
86 1 : data->dev_password_len = wpabuf_len(cfg->wps->ap_nfc_dev_pw);
87 2 : wpa_hexdump_key(MSG_DEBUG, "WPS: NFC dev_password",
88 1 : data->dev_password, data->dev_password_len);
89 : }
90 : #endif /* CONFIG_WPS_NFC */
91 :
92 1141 : data->pbc = cfg->pbc;
93 1141 : if (cfg->pbc) {
94 : /* Use special PIN '00000000' for PBC */
95 104 : data->dev_pw_id = DEV_PW_PUSHBUTTON;
96 104 : bin_clear_free(data->dev_password, data->dev_password_len);
97 104 : data->dev_password = (u8 *) os_strdup("00000000");
98 104 : if (data->dev_password == NULL) {
99 1 : os_free(data);
100 1 : return NULL;
101 : }
102 103 : data->dev_password_len = 8;
103 : }
104 :
105 1140 : data->state = data->registrar ? RECV_M1 : SEND_M1;
106 :
107 1140 : if (cfg->assoc_wps_ie) {
108 : struct wps_parse_attr attr;
109 533 : wpa_hexdump_buf(MSG_DEBUG, "WPS: WPS IE from (Re)AssocReq",
110 : cfg->assoc_wps_ie);
111 533 : if (wps_parse_msg(cfg->assoc_wps_ie, &attr) < 0) {
112 1 : wpa_printf(MSG_DEBUG, "WPS: Failed to parse WPS IE "
113 : "from (Re)AssocReq");
114 532 : } else if (attr.request_type == NULL) {
115 0 : wpa_printf(MSG_DEBUG, "WPS: No Request Type attribute "
116 : "in (Re)AssocReq WPS IE");
117 : } else {
118 532 : wpa_printf(MSG_DEBUG, "WPS: Request Type (from WPS IE "
119 : "in (Re)AssocReq WPS IE): %d",
120 532 : *attr.request_type);
121 532 : data->request_type = *attr.request_type;
122 : }
123 : }
124 :
125 1140 : if (cfg->new_ap_settings) {
126 19 : data->new_ap_settings =
127 19 : os_malloc(sizeof(*data->new_ap_settings));
128 19 : if (data->new_ap_settings == NULL) {
129 1 : bin_clear_free(data->dev_password,
130 : data->dev_password_len);
131 1 : os_free(data);
132 1 : return NULL;
133 : }
134 18 : os_memcpy(data->new_ap_settings, cfg->new_ap_settings,
135 : sizeof(*data->new_ap_settings));
136 : }
137 :
138 1139 : if (cfg->peer_addr)
139 586 : os_memcpy(data->peer_dev.mac_addr, cfg->peer_addr, ETH_ALEN);
140 1139 : if (cfg->p2p_dev_addr)
141 242 : os_memcpy(data->p2p_dev_addr, cfg->p2p_dev_addr, ETH_ALEN);
142 :
143 1139 : data->use_psk_key = cfg->use_psk_key;
144 1139 : data->pbc_in_m1 = cfg->pbc_in_m1;
145 :
146 1139 : if (cfg->peer_pubkey_hash) {
147 18 : os_memcpy(data->peer_pubkey_hash, cfg->peer_pubkey_hash,
148 : WPS_OOB_PUBKEY_HASH_LEN);
149 18 : data->peer_pubkey_hash_set = 1;
150 : }
151 :
152 1139 : return data;
153 : }
154 :
155 :
156 : /**
157 : * wps_deinit - Deinitialize WPS Registration protocol data
158 : * @data: WPS Registration protocol data from wps_init()
159 : */
160 1139 : void wps_deinit(struct wps_data *data)
161 : {
162 : #ifdef CONFIG_WPS_NFC
163 1139 : if (data->registrar && data->nfc_pw_token)
164 30 : wps_registrar_remove_nfc_pw_token(data->wps->registrar,
165 : data->nfc_pw_token);
166 : #endif /* CONFIG_WPS_NFC */
167 :
168 1139 : if (data->wps_pin_revealed) {
169 14 : wpa_printf(MSG_DEBUG, "WPS: Full PIN information revealed and "
170 : "negotiation failed");
171 14 : if (data->registrar)
172 14 : wps_registrar_invalidate_pin(data->wps->registrar,
173 14 : data->uuid_e);
174 1125 : } else if (data->registrar)
175 575 : wps_registrar_unlock_pin(data->wps->registrar, data->uuid_e);
176 :
177 1139 : wpabuf_clear_free(data->dh_privkey);
178 1139 : wpabuf_free(data->dh_pubkey_e);
179 1139 : wpabuf_free(data->dh_pubkey_r);
180 1139 : wpabuf_free(data->last_msg);
181 1139 : bin_clear_free(data->dev_password, data->dev_password_len);
182 1139 : bin_clear_free(data->alt_dev_password, data->alt_dev_password_len);
183 1139 : bin_clear_free(data->new_psk, data->new_psk_len);
184 1139 : wps_device_data_free(&data->peer_dev);
185 1139 : bin_clear_free(data->new_ap_settings, sizeof(*data->new_ap_settings));
186 1139 : dh5_free(data->dh_ctx);
187 1139 : os_free(data);
188 1139 : }
189 :
190 :
191 : /**
192 : * wps_process_msg - Process a WPS message
193 : * @wps: WPS Registration protocol data from wps_init()
194 : * @op_code: Message OP Code
195 : * @msg: Message data
196 : * Returns: Processing result
197 : *
198 : * This function is used to process WPS messages with OP Codes WSC_ACK,
199 : * WSC_NACK, WSC_MSG, and WSC_Done. The caller (e.g., EAP server/peer) is
200 : * responsible for reassembling the messages before calling this function.
201 : * Response to this message is built by calling wps_get_msg().
202 : */
203 3843 : enum wps_process_res wps_process_msg(struct wps_data *wps,
204 : enum wsc_op_code op_code,
205 : const struct wpabuf *msg)
206 : {
207 3843 : if (wps->registrar)
208 2143 : return wps_registrar_process_msg(wps, op_code, msg);
209 : else
210 1700 : return wps_enrollee_process_msg(wps, op_code, msg);
211 : }
212 :
213 :
214 : /**
215 : * wps_get_msg - Build a WPS message
216 : * @wps: WPS Registration protocol data from wps_init()
217 : * @op_code: Buffer for returning message OP Code
218 : * Returns: The generated WPS message or %NULL on failure
219 : *
220 : * This function is used to build a response to a message processed by calling
221 : * wps_process_msg(). The caller is responsible for freeing the buffer.
222 : */
223 3861 : struct wpabuf * wps_get_msg(struct wps_data *wps, enum wsc_op_code *op_code)
224 : {
225 3861 : if (wps->registrar)
226 1685 : return wps_registrar_get_msg(wps, op_code);
227 : else
228 2176 : return wps_enrollee_get_msg(wps, op_code);
229 : }
230 :
231 :
232 : /**
233 : * wps_is_selected_pbc_registrar - Check whether WPS IE indicates active PBC
234 : * @msg: WPS IE contents from Beacon or Probe Response frame
235 : * Returns: 1 if PBC Registrar is active, 0 if not
236 : */
237 5148 : int wps_is_selected_pbc_registrar(const struct wpabuf *msg)
238 : {
239 : struct wps_parse_attr attr;
240 :
241 : /*
242 : * In theory, this could also verify that attr.sel_reg_config_methods
243 : * includes WPS_CONFIG_PUSHBUTTON, but some deployed AP implementations
244 : * do not set Selected Registrar Config Methods attribute properly, so
245 : * it is safer to just use Device Password ID here.
246 : */
247 :
248 10278 : if (wps_parse_msg(msg, &attr) < 0 ||
249 13068 : !attr.selected_registrar || *attr.selected_registrar == 0 ||
250 7938 : !attr.dev_password_id ||
251 3969 : WPA_GET_BE16(attr.dev_password_id) != DEV_PW_PUSHBUTTON)
252 4420 : return 0;
253 :
254 : #ifdef CONFIG_WPS_STRICT
255 : if (!attr.sel_reg_config_methods ||
256 : !(WPA_GET_BE16(attr.sel_reg_config_methods) &
257 : WPS_CONFIG_PUSHBUTTON))
258 : return 0;
259 : #endif /* CONFIG_WPS_STRICT */
260 :
261 728 : return 1;
262 : }
263 :
264 :
265 949 : static int is_selected_pin_registrar(struct wps_parse_attr *attr)
266 : {
267 : /*
268 : * In theory, this could also verify that attr.sel_reg_config_methods
269 : * includes WPS_CONFIG_LABEL, WPS_CONFIG_DISPLAY, or WPS_CONFIG_KEYPAD,
270 : * but some deployed AP implementations do not set Selected Registrar
271 : * Config Methods attribute properly, so it is safer to just use
272 : * Device Password ID here.
273 : */
274 :
275 949 : if (!attr->selected_registrar || *attr->selected_registrar == 0)
276 703 : return 0;
277 :
278 492 : if (attr->dev_password_id != NULL &&
279 246 : WPA_GET_BE16(attr->dev_password_id) == DEV_PW_PUSHBUTTON)
280 3 : return 0;
281 :
282 : #ifdef CONFIG_WPS_STRICT
283 : if (!attr->sel_reg_config_methods ||
284 : !(WPA_GET_BE16(attr->sel_reg_config_methods) &
285 : (WPS_CONFIG_LABEL | WPS_CONFIG_DISPLAY | WPS_CONFIG_KEYPAD)))
286 : return 0;
287 : #endif /* CONFIG_WPS_STRICT */
288 :
289 243 : return 1;
290 : }
291 :
292 :
293 : /**
294 : * wps_is_selected_pin_registrar - Check whether WPS IE indicates active PIN
295 : * @msg: WPS IE contents from Beacon or Probe Response frame
296 : * Returns: 1 if PIN Registrar is active, 0 if not
297 : */
298 956 : int wps_is_selected_pin_registrar(const struct wpabuf *msg)
299 : {
300 : struct wps_parse_attr attr;
301 :
302 956 : if (wps_parse_msg(msg, &attr) < 0)
303 15 : return 0;
304 :
305 941 : return is_selected_pin_registrar(&attr);
306 : }
307 :
308 :
309 : /**
310 : * wps_is_addr_authorized - Check whether WPS IE authorizes MAC address
311 : * @msg: WPS IE contents from Beacon or Probe Response frame
312 : * @addr: MAC address to search for
313 : * @ver1_compat: Whether to use version 1 compatibility mode
314 : * Returns: 2 if the specified address is explicit authorized, 1 if address is
315 : * authorized (broadcast), 0 if not
316 : */
317 5160 : int wps_is_addr_authorized(const struct wpabuf *msg, const u8 *addr,
318 : int ver1_compat)
319 : {
320 : struct wps_parse_attr attr;
321 : unsigned int i;
322 : const u8 *pos;
323 5160 : const u8 bcast[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
324 :
325 5160 : if (wps_parse_msg(msg, &attr) < 0)
326 18 : return 0;
327 :
328 5142 : if (!attr.version2 && ver1_compat) {
329 : /*
330 : * Version 1.0 AP - AuthorizedMACs not used, so revert back to
331 : * old mechanism of using SelectedRegistrar.
332 : */
333 8 : return is_selected_pin_registrar(&attr);
334 : }
335 :
336 5134 : if (!attr.authorized_macs)
337 1217 : return 0;
338 :
339 3917 : pos = attr.authorized_macs;
340 3935 : for (i = 0; i < attr.authorized_macs_len / ETH_ALEN; i++) {
341 3917 : if (os_memcmp(pos, addr, ETH_ALEN) == 0)
342 609 : return 2;
343 3308 : if (os_memcmp(pos, bcast, ETH_ALEN) == 0)
344 3290 : return 1;
345 18 : pos += ETH_ALEN;
346 : }
347 :
348 18 : return 0;
349 : }
350 :
351 :
352 : /**
353 : * wps_ap_priority_compar - Prioritize WPS IE from two APs
354 : * @wps_a: WPS IE contents from Beacon or Probe Response frame
355 : * @wps_b: WPS IE contents from Beacon or Probe Response frame
356 : * Returns: 1 if wps_b is considered more likely selection for WPS
357 : * provisioning, -1 if wps_a is considered more like, or 0 if no preference
358 : */
359 123 : int wps_ap_priority_compar(const struct wpabuf *wps_a,
360 : const struct wpabuf *wps_b)
361 : {
362 : struct wps_parse_attr attr;
363 : int sel_a, sel_b;
364 :
365 123 : if (wps_a == NULL || wps_parse_msg(wps_a, &attr) < 0)
366 1 : return 1;
367 122 : sel_a = attr.selected_registrar && *attr.selected_registrar != 0;
368 :
369 122 : if (wps_b == NULL || wps_parse_msg(wps_b, &attr) < 0)
370 1 : return -1;
371 121 : sel_b = attr.selected_registrar && *attr.selected_registrar != 0;
372 :
373 121 : if (sel_a && !sel_b)
374 5 : return -1;
375 116 : if (!sel_a && sel_b)
376 66 : return 1;
377 :
378 50 : return 0;
379 : }
380 :
381 :
382 : /**
383 : * wps_get_uuid_e - Get UUID-E from WPS IE
384 : * @msg: WPS IE contents from Beacon or Probe Response frame
385 : * Returns: Pointer to UUID-E or %NULL if not included
386 : *
387 : * The returned pointer is to the msg contents and it remains valid only as
388 : * long as the msg buffer is valid.
389 : */
390 1125 : const u8 * wps_get_uuid_e(const struct wpabuf *msg)
391 : {
392 : struct wps_parse_attr attr;
393 :
394 1125 : if (wps_parse_msg(msg, &attr) < 0)
395 3 : return NULL;
396 1122 : return attr.uuid_e;
397 : }
398 :
399 :
400 : /**
401 : * wps_is_20 - Check whether WPS attributes claim support for WPS 2.0
402 : */
403 1074 : int wps_is_20(const struct wpabuf *msg)
404 : {
405 : struct wps_parse_attr attr;
406 :
407 1074 : if (msg == NULL || wps_parse_msg(msg, &attr) < 0)
408 1 : return 0;
409 1073 : return attr.version2 != NULL;
410 : }
411 :
412 :
413 : /**
414 : * wps_build_assoc_req_ie - Build WPS IE for (Re)Association Request
415 : * @req_type: Value for Request Type attribute
416 : * Returns: WPS IE or %NULL on failure
417 : *
418 : * The caller is responsible for freeing the buffer.
419 : */
420 538 : struct wpabuf * wps_build_assoc_req_ie(enum wps_request_type req_type)
421 : {
422 : struct wpabuf *ie;
423 : u8 *len;
424 :
425 538 : wpa_printf(MSG_DEBUG, "WPS: Building WPS IE for (Re)Association "
426 : "Request");
427 538 : ie = wpabuf_alloc(100);
428 538 : if (ie == NULL)
429 1 : return NULL;
430 :
431 537 : wpabuf_put_u8(ie, WLAN_EID_VENDOR_SPECIFIC);
432 537 : len = wpabuf_put(ie, 1);
433 537 : wpabuf_put_be32(ie, WPS_DEV_OUI_WFA);
434 :
435 1074 : if (wps_build_version(ie) ||
436 1074 : wps_build_req_type(ie, req_type) ||
437 537 : wps_build_wfa_ext(ie, 0, NULL, 0)) {
438 0 : wpabuf_free(ie);
439 0 : return NULL;
440 : }
441 :
442 537 : *len = wpabuf_len(ie) - 2;
443 :
444 537 : return ie;
445 : }
446 :
447 :
448 : /**
449 : * wps_build_assoc_resp_ie - Build WPS IE for (Re)Association Response
450 : * Returns: WPS IE or %NULL on failure
451 : *
452 : * The caller is responsible for freeing the buffer.
453 : */
454 3413 : struct wpabuf * wps_build_assoc_resp_ie(void)
455 : {
456 : struct wpabuf *ie;
457 : u8 *len;
458 :
459 3413 : wpa_printf(MSG_DEBUG, "WPS: Building WPS IE for (Re)Association "
460 : "Response");
461 3413 : ie = wpabuf_alloc(100);
462 3413 : if (ie == NULL)
463 1 : return NULL;
464 :
465 3412 : wpabuf_put_u8(ie, WLAN_EID_VENDOR_SPECIFIC);
466 3412 : len = wpabuf_put(ie, 1);
467 3412 : wpabuf_put_be32(ie, WPS_DEV_OUI_WFA);
468 :
469 6824 : if (wps_build_version(ie) ||
470 6824 : wps_build_resp_type(ie, WPS_RESP_AP) ||
471 3412 : wps_build_wfa_ext(ie, 0, NULL, 0)) {
472 0 : wpabuf_free(ie);
473 0 : return NULL;
474 : }
475 :
476 3412 : *len = wpabuf_len(ie) - 2;
477 :
478 3412 : return ie;
479 : }
480 :
481 :
482 : /**
483 : * wps_build_probe_req_ie - Build WPS IE for Probe Request
484 : * @pw_id: Password ID (DEV_PW_PUSHBUTTON for active PBC and DEV_PW_DEFAULT for
485 : * most other use cases)
486 : * @dev: Device attributes
487 : * @uuid: Own UUID
488 : * @req_type: Value for Request Type attribute
489 : * @num_req_dev_types: Number of requested device types
490 : * @req_dev_types: Requested device types (8 * num_req_dev_types octets) or
491 : * %NULL if none
492 : * Returns: WPS IE or %NULL on failure
493 : *
494 : * The caller is responsible for freeing the buffer.
495 : */
496 5578 : struct wpabuf * wps_build_probe_req_ie(u16 pw_id, struct wps_device_data *dev,
497 : const u8 *uuid,
498 : enum wps_request_type req_type,
499 : unsigned int num_req_dev_types,
500 : const u8 *req_dev_types)
501 : {
502 : struct wpabuf *ie;
503 :
504 5578 : wpa_printf(MSG_DEBUG, "WPS: Building WPS IE for Probe Request");
505 :
506 5578 : ie = wpabuf_alloc(500);
507 5578 : if (ie == NULL)
508 1 : return NULL;
509 :
510 11154 : if (wps_build_version(ie) ||
511 11154 : wps_build_req_type(ie, req_type) ||
512 11154 : wps_build_config_methods(ie, dev->config_methods) ||
513 11154 : wps_build_uuid_e(ie, uuid) ||
514 11154 : wps_build_primary_dev_type(dev, ie) ||
515 11154 : wps_build_rf_bands(dev, ie, 0) ||
516 11154 : wps_build_assoc_state(NULL, ie) ||
517 11154 : wps_build_config_error(ie, WPS_CFG_NO_ERROR) ||
518 11154 : wps_build_dev_password_id(ie, pw_id) ||
519 11154 : wps_build_manufacturer(dev, ie) ||
520 11154 : wps_build_model_name(dev, ie) ||
521 11154 : wps_build_model_number(dev, ie) ||
522 11154 : wps_build_dev_name(dev, ie) ||
523 11154 : wps_build_wfa_ext(ie, req_type == WPS_REQ_ENROLLEE, NULL, 0) ||
524 5577 : wps_build_req_dev_type(dev, ie, num_req_dev_types, req_dev_types)
525 5577 : ||
526 5577 : wps_build_secondary_dev_type(dev, ie)
527 : ) {
528 0 : wpabuf_free(ie);
529 0 : return NULL;
530 : }
531 :
532 5577 : return wps_ie_encapsulate(ie);
533 : }
534 :
535 :
536 710 : void wps_free_pending_msgs(struct upnp_pending_message *msgs)
537 : {
538 : struct upnp_pending_message *p, *prev;
539 710 : p = msgs;
540 1420 : while (p) {
541 0 : prev = p;
542 0 : p = p->next;
543 0 : wpabuf_free(prev->msg);
544 0 : os_free(prev);
545 : }
546 710 : }
547 :
548 :
549 1506 : int wps_attr_text(struct wpabuf *data, char *buf, char *end)
550 : {
551 : struct wps_parse_attr attr;
552 1506 : char *pos = buf;
553 : int ret;
554 :
555 1506 : if (wps_parse_msg(data, &attr) < 0)
556 4 : return -1;
557 :
558 1502 : if (attr.wps_state) {
559 1502 : if (*attr.wps_state == WPS_STATE_NOT_CONFIGURED)
560 12 : ret = os_snprintf(pos, end - pos,
561 : "wps_state=unconfigured\n");
562 1490 : else if (*attr.wps_state == WPS_STATE_CONFIGURED)
563 1487 : ret = os_snprintf(pos, end - pos,
564 : "wps_state=configured\n");
565 : else
566 3 : ret = 0;
567 1502 : if (os_snprintf_error(end - pos, ret))
568 0 : return pos - buf;
569 1502 : pos += ret;
570 : }
571 :
572 1502 : if (attr.ap_setup_locked && *attr.ap_setup_locked) {
573 2 : ret = os_snprintf(pos, end - pos,
574 : "wps_ap_setup_locked=1\n");
575 2 : if (os_snprintf_error(end - pos, ret))
576 0 : return pos - buf;
577 2 : pos += ret;
578 : }
579 :
580 1502 : if (attr.selected_registrar && *attr.selected_registrar) {
581 1392 : ret = os_snprintf(pos, end - pos,
582 : "wps_selected_registrar=1\n");
583 1392 : if (os_snprintf_error(end - pos, ret))
584 0 : return pos - buf;
585 1392 : pos += ret;
586 : }
587 :
588 1502 : if (attr.dev_password_id) {
589 1392 : ret = os_snprintf(pos, end - pos,
590 : "wps_device_password_id=%u\n",
591 1392 : WPA_GET_BE16(attr.dev_password_id));
592 1392 : if (os_snprintf_error(end - pos, ret))
593 0 : return pos - buf;
594 1392 : pos += ret;
595 : }
596 :
597 1502 : if (attr.sel_reg_config_methods) {
598 1392 : ret = os_snprintf(pos, end - pos,
599 : "wps_selected_registrar_config_methods="
600 : "0x%04x\n",
601 1392 : WPA_GET_BE16(attr.sel_reg_config_methods));
602 1392 : if (os_snprintf_error(end - pos, ret))
603 0 : return pos - buf;
604 1392 : pos += ret;
605 : }
606 :
607 1502 : if (attr.primary_dev_type) {
608 : char devtype[WPS_DEV_TYPE_BUFSIZE];
609 1499 : ret = os_snprintf(pos, end - pos,
610 : "wps_primary_device_type=%s\n",
611 : wps_dev_type_bin2str(attr.primary_dev_type,
612 : devtype,
613 : sizeof(devtype)));
614 1499 : if (os_snprintf_error(end - pos, ret))
615 0 : return pos - buf;
616 1499 : pos += ret;
617 : }
618 :
619 1502 : if (attr.dev_name) {
620 1502 : char *str = os_malloc(attr.dev_name_len + 1);
621 : size_t i;
622 1502 : if (str == NULL)
623 1 : return pos - buf;
624 15611 : for (i = 0; i < attr.dev_name_len; i++) {
625 28220 : if (attr.dev_name[i] == 0 ||
626 14110 : is_ctrl_char(attr.dev_name[i]))
627 2 : str[i] = '_';
628 : else
629 14108 : str[i] = attr.dev_name[i];
630 : }
631 1501 : str[i] = '\0';
632 1501 : ret = os_snprintf(pos, end - pos, "wps_device_name=%s\n", str);
633 1501 : os_free(str);
634 1501 : if (os_snprintf_error(end - pos, ret))
635 0 : return pos - buf;
636 1501 : pos += ret;
637 : }
638 :
639 1501 : if (attr.config_methods) {
640 1499 : ret = os_snprintf(pos, end - pos,
641 : "wps_config_methods=0x%04x\n",
642 1499 : WPA_GET_BE16(attr.config_methods));
643 1499 : if (os_snprintf_error(end - pos, ret))
644 0 : return pos - buf;
645 1499 : pos += ret;
646 : }
647 :
648 1501 : return pos - buf;
649 : }
650 :
651 :
652 3 : const char * wps_ei_str(enum wps_error_indication ei)
653 : {
654 3 : switch (ei) {
655 : case WPS_EI_NO_ERROR:
656 0 : return "No Error";
657 : case WPS_EI_SECURITY_TKIP_ONLY_PROHIBITED:
658 0 : return "TKIP Only Prohibited";
659 : case WPS_EI_SECURITY_WEP_PROHIBITED:
660 3 : return "WEP Prohibited";
661 : case WPS_EI_AUTH_FAILURE:
662 0 : return "Authentication Failure";
663 : default:
664 0 : return "Unknown";
665 : }
666 : }
|