[patch] Can't pass Wi-Fi WPS Test Plan.

Chuck Tuffli Chuck.Tuffli
Thu Jan 22 08:26:51 PST 2009

On Thu Jan 22, 2009 at 5:15 AM, Jouni Malinen wrote:
> These attributes are only optional if Selected Registrar is FALSE. If
> the external Registrar used SetSelectedRegistrar, the AP is required to
> include these attributes. While I can agree that there are cases where
> it could be beneficial to send M1 to such an AP without selected
> registrar attribute set to 1 (e.g., if the optional Probe Request WPS IE
> cannot be added), this is likely to cause problems for environments
> where there are multiple WPS-enabled (but not active in the sense of
> having a selected registrar) APs.
> If the selected registrar check is removed, wpa_supplicant would need to
> try connecting to every WPS-enabled AP in order to find the AP that has
> the a selected registrar. This can take considerable amount of time if
> there are large number of APs in scan results. Consequently, I do not
> really want to make this change to be default behavior.

The problem I ran into with the test bed devices is exactly the worst case
scenario you describe. Most AP's (with Atheros being the exception :) ) in
PIN mode with an external registrar won't set the Selected Registrar bit
until after the enrollee tries the WPS protocol once. The typical sequence
from the enrollee's point of view is:

Beacon/Probe Response w/ either a missing or unset Selected Registrar
EAP Start ->
<- Request ID
Response ID ->
<- WSC_Start
M1 ->
<- M2D
WSC_Ack ->
Beacon/Probe Response w/ Selected Registrar=1

The BSS selection algorithm that worked for me was to first look for a WPS
enabled AP with the Selected Registrar set. If no BSS matched and this is
PIN mode, associate with the first non-black listed BSS. Eventually, the
supplicant exhausts the list of available BSS, clears the black list, and
starts scanning again. This time, though, the AP with the external
registrar has set Selected Registrar, and WPS completes normally. At least
half of the enrollee certification tests use an external registrar, and we
couldn't pass without doing something like the above.

Have I mentioned recently that I hate external registrars :)


DSP Group, Inc. automatically scans all emails and attachments using MessageLabs Email Security System.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/hostap/attachments/20090122/46c2eb10/attachment.htm 

More information about the Hostap mailing list