[PATCH] WPS: Fix dropped WPS registrar negotiation

Michalis Pappas mpappas
Tue Sep 30 08:28:21 PDT 2014

During WPS registrar authentication, wpa_supplicant won't complete the
negotiation if the newly authorized registrar does not wish to push an updated
configuration to the AP. Instead, upon reception of M7, wpa_supplicant will
terminate the negotiation with a WPN_NACK and issue a WPS-FAIL event. Nevertheless,
later it will connect to the AP using the received credentials.

This behaviour seems to be broken both semantically and from the standard's point of
view. WPS-FAIL will confuse any applications interfacing with wpa_supplicant to think
that the negotiation failed. Moreover, according to the standard, M8 is not
optional, so WPS_NACK is expected to be sent only when failing to authenticating
or processing a message.

This patch gets wpa_supplicant complete the WPS negotiation and issue a WPS-SUCCESS.

Signed-off-by: Michalis Pappas <mpappas at aminocom.com>
 src/wps/wps_registrar.c |   11 +----------
 1 files changed, 1 insertions(+), 10 deletions(-)

diff --git a/src/wps/wps_registrar.c b/src/wps/wps_registrar.c
index b90cc25..d28b153 100644
--- a/src/wps/wps_registrar.c
+++ b/src/wps/wps_registrar.c
@@ -2814,19 +2814,11 @@ static int wps_process_ap_settings_r(struct wps_data *wps,
 		wpa_printf(MSG_INFO, "WPS: Update AP configuration based on "
 			   "new settings");
 		wps_cred_update(&wps->cred, wps->new_ap_settings);
-		return 0;
 	} else {
 		 * Use the AP PIN only to receive the current AP settings, not
 		 * to reconfigure the AP.
-		/*
-		 * Clear selected registrar here since we do not get to
-		 * WSC_Done in this protocol run.
-		 */
-		wps_registrar_pin_completed(wps->wps->registrar);
 		msg = wps_build_ap_cred(wps);
 		if (msg == NULL)
 			return -1;
@@ -2844,9 +2836,8 @@ static int wps_process_ap_settings_r(struct wps_data *wps,
 		wps->cred.cred_attr = NULL;
 		wps->cred.cred_attr_len = 0;
-		return 1;
+	return 0;

More information about the Hostap mailing list