[PATCH] WPS: Fix hostapd PBC with Windows 7 supplicant

Jouni Malinen j
Tue May 17 10:03:20 PDT 2011

On Mon, Apr 25, 2011 at 07:32:32PM +0900, Masashi Honma wrote:
> 1) I should clarify the aim of my patch.
>  - This is a pacth for hostapd.
>  - This patch make hostapd to be connectable by Windows 7 supplicant
>    with WPS PBC.
>  - My patch changes a process of AP in Enrollee mode but this is not
>    a patch for AP in Enrollee mode. This is because broken Windows
>    supplicant requires M1 message.

I added a more complete workaround for Windows 7 WPS and PBC. This
behavior from your patch of including PushButton in M1 is enabled
automatically if ap_pin is not set and config_methods does not include
display (i.e., only PBC is enabled). In addition to that, pbc_in_m1=1
configuration option can be used to force the PushButton config method
to be left in M1 to allow Windows 7 to use PBC even if PIN methods are

> 2) I have gotten new test plan.
> I have used very old Wi-Fi test plan v 1.6. Now, I have a newest one
> v 2.0.3. The v 2.0.3's test 4.1.1 says "check M2 message". Thus, now
> my patch does not affect the test because my patch changes only M1
> message. And 4.1.2 checks only config methods attribute of probe
> response, not M1. So, my patch doesn't affect to Wi-Fi certification.

The issue comes from the combination of Probe Response frame validation
and another test plan requiring config methods to match between Probe
Response and M1 from the AP. Anyway, there does not seem to be any good
way of controlling what Windows 7 shows for the user as available WPS
configuration methods, so there seems to be strong enough reasons for
including the workaround and for making it configurable.

Jouni Malinen                                            PGP id EFC895FA

More information about the Hostap mailing list