#include "wps.h"
+#ifndef WPS_STRICT_ALL
+#define WPS_STRICT_WPS2
+#endif /* WPS_STRICT_ALL */
+
+
static int wps_validate_version(const u8 *version, int mandatory)
{
if (version == NULL) {
return -1;
}
- if (wps_validate_network_idx(attr.network_idx, 0) ||
+ if (wps_validate_network_idx(attr.network_idx, 1) ||
wps_validate_ssid(attr.ssid, attr.ssid_len, 1) ||
wps_validate_auth_type(attr.auth_type, 1) ||
wps_validate_encr_type(attr.encr_type, 1) ||
}
-int wps_validate_beacon_probe_resp(const struct wpabuf *wps_ie, int probe)
+int wps_validate_beacon_probe_resp(const struct wpabuf *wps_ie, int probe,
+ const u8 *addr)
{
struct wps_parse_attr attr;
int wps2, sel_reg;
wps_validate_authorized_macs(attr.authorized_macs,
attr.authorized_macs_len, 0)) {
wpa_printf(MSG_INFO, "WPS-STRICT: Invalid %sProbe Response "
- "frame", probe ? "" : "Beacon/");
+ "frame from " MACSTR, probe ? "" : "Beacon/",
+ MAC2STR(addr));
+#ifdef WPS_STRICT_WPS2
+ if (wps2)
+ return -1;
+#else /* WPS_STRICT_WPS2 */
return -1;
+#endif /* WPS_STRICT_WPS2 */
}
return 0;
}
-int wps_validate_probe_req(const struct wpabuf *wps_ie)
+int wps_validate_probe_req(const struct wpabuf *wps_ie, const u8 *addr)
{
struct wps_parse_attr attr;
int wps2;
wps_validate_req_dev_type(attr.req_dev_type, attr.num_req_dev_type,
0)) {
wpa_printf(MSG_INFO, "WPS-STRICT: Invalid Probe Request "
- "frame");
+ "frame from " MACSTR, MAC2STR(addr));
return -1;
}
wps_validate_version2(attr.version2, wps2) ||
wps_validate_request_to_enroll(attr.request_to_enroll, 0)) {
wpa_printf(MSG_INFO, "WPS-STRICT: Invalid M1");
+#ifdef WPS_STRICT_WPS2
+ if (wps2)
+ return -1;
+#else /* WPS_STRICT_WPS2 */
return -1;
+#endif /* WPS_STRICT_WPS2 */
}
return 0;
wps_validate_version2(attr.version2, wps2) ||
wps_validate_authenticator(attr.authenticator, 1)) {
wpa_printf(MSG_INFO, "WPS-STRICT: Invalid M2");
+#ifdef WPS_STRICT_WPS2
+ if (wps2)
+ return -1;
+#else /* WPS_STRICT_WPS2 */
return -1;
+#endif /* WPS_STRICT_WPS2 */
}
return 0;
wps_validate_os_version(attr.os_version, 1) ||
wps_validate_version2(attr.version2, wps2)) {
wpa_printf(MSG_INFO, "WPS-STRICT: Invalid M2D");
+#ifdef WPS_STRICT_WPS2
+ if (wps2)
+ return -1;
+#else /* WPS_STRICT_WPS2 */
return -1;
+#endif /* WPS_STRICT_WPS2 */
}
return 0;
wps_validate_version2(attr.version2, wps2) ||
wps_validate_authenticator(attr.authenticator, 1)) {
wpa_printf(MSG_INFO, "WPS-STRICT: Invalid M3");
+#ifdef WPS_STRICT_WPS2
+ if (wps2)
+ return -1;
+#else /* WPS_STRICT_WPS2 */
return -1;
+#endif /* WPS_STRICT_WPS2 */
}
return 0;
wps_validate_version2(attr.version2, wps2) ||
wps_validate_authenticator(attr.authenticator, 1)) {
wpa_printf(MSG_INFO, "WPS-STRICT: Invalid M4");
+#ifdef WPS_STRICT_WPS2
+ if (wps2)
+ return -1;
+#else /* WPS_STRICT_WPS2 */
return -1;
+#endif /* WPS_STRICT_WPS2 */
}
return 0;
wps_validate_key_wrap_auth(attr.key_wrap_auth, 1)) {
wpa_printf(MSG_INFO, "WPS-STRICT: Invalid M4 encrypted "
"settings");
+#ifdef WPS_STRICT_WPS2
+ if (wps2)
+ return -1;
+#else /* WPS_STRICT_WPS2 */
return -1;
+#endif /* WPS_STRICT_WPS2 */
}
return 0;
wps_validate_version2(attr.version2, wps2) ||
wps_validate_authenticator(attr.authenticator, 1)) {
wpa_printf(MSG_INFO, "WPS-STRICT: Invalid M5");
+#ifdef WPS_STRICT_WPS2
+ if (wps2)
+ return -1;
+#else /* WPS_STRICT_WPS2 */
return -1;
+#endif /* WPS_STRICT_WPS2 */
}
return 0;
wps_validate_key_wrap_auth(attr.key_wrap_auth, 1)) {
wpa_printf(MSG_INFO, "WPS-STRICT: Invalid M5 encrypted "
"settings");
+#ifdef WPS_STRICT_WPS2
+ if (wps2)
+ return -1;
+#else /* WPS_STRICT_WPS2 */
return -1;
+#endif /* WPS_STRICT_WPS2 */
}
return 0;
wps_validate_version2(attr.version2, wps2) ||
wps_validate_authenticator(attr.authenticator, 1)) {
wpa_printf(MSG_INFO, "WPS-STRICT: Invalid M6");
+#ifdef WPS_STRICT_WPS2
+ if (wps2)
+ return -1;
+#else /* WPS_STRICT_WPS2 */
return -1;
+#endif /* WPS_STRICT_WPS2 */
}
return 0;
wps_validate_key_wrap_auth(attr.key_wrap_auth, 1)) {
wpa_printf(MSG_INFO, "WPS-STRICT: Invalid M6 encrypted "
"settings");
+#ifdef WPS_STRICT_WPS2
+ if (wps2)
+ return -1;
+#else /* WPS_STRICT_WPS2 */
return -1;
+#endif /* WPS_STRICT_WPS2 */
}
return 0;
wps_validate_version2(attr.version2, wps2) ||
wps_validate_authenticator(attr.authenticator, 1)) {
wpa_printf(MSG_INFO, "WPS-STRICT: Invalid M7");
+#ifdef WPS_STRICT_WPS2
+ if (wps2)
+ return -1;
+#else /* WPS_STRICT_WPS2 */
return -1;
+#endif /* WPS_STRICT_WPS2 */
}
return 0;
wps_validate_key_wrap_auth(attr.key_wrap_auth, 1)) {
wpa_printf(MSG_INFO, "WPS-STRICT: Invalid M7 encrypted "
"settings");
+#ifdef WPS_STRICT_WPS2
+ if (wps2)
+ return -1;
+#else /* WPS_STRICT_WPS2 */
return -1;
+#endif /* WPS_STRICT_WPS2 */
}
return 0;
wps_validate_version2(attr.version2, wps2) ||
wps_validate_authenticator(attr.authenticator, 1)) {
wpa_printf(MSG_INFO, "WPS-STRICT: Invalid M8");
+#ifdef WPS_STRICT_WPS2
+ if (wps2)
+ return -1;
+#else /* WPS_STRICT_WPS2 */
return -1;
+#endif /* WPS_STRICT_WPS2 */
}
return 0;
wps_validate_key_wrap_auth(attr.key_wrap_auth, 1)) {
wpa_printf(MSG_INFO, "WPS-STRICT: Invalid M8 encrypted "
"settings");
+#ifdef WPS_STRICT_WPS2
+ if (wps2)
+ return -1;
+#else /* WPS_STRICT_WPS2 */
return -1;
+#endif /* WPS_STRICT_WPS2 */
}
return 0;
wps_validate_registrar_nonce(attr.registrar_nonce, 1) ||
wps_validate_version2(attr.version2, wps2)) {
wpa_printf(MSG_INFO, "WPS-STRICT: Invalid WSC_ACK");
+#ifdef WPS_STRICT_WPS2
+ if (wps2)
+ return -1;
+#else /* WPS_STRICT_WPS2 */
return -1;
+#endif /* WPS_STRICT_WPS2 */
}
return 0;
wps_validate_config_error(attr.config_error, 1) ||
wps_validate_version2(attr.version2, wps2)) {
wpa_printf(MSG_INFO, "WPS-STRICT: Invalid WSC_NACK");
+#ifdef WPS_STRICT_WPS2
+ if (wps2)
+ return -1;
+#else /* WPS_STRICT_WPS2 */
return -1;
+#endif /* WPS_STRICT_WPS2 */
}
return 0;
wps_validate_registrar_nonce(attr.registrar_nonce, 1) ||
wps_validate_version2(attr.version2, wps2)) {
wpa_printf(MSG_INFO, "WPS-STRICT: Invalid WSC_Done");
+#ifdef WPS_STRICT_WPS2
+ if (wps2)
+ return -1;
+#else /* WPS_STRICT_WPS2 */
return -1;
+#endif /* WPS_STRICT_WPS2 */
}
return 0;
wps_validate_uuid_r(attr.uuid_r, wps2)) {
wpa_printf(MSG_INFO, "WPS-STRICT: Invalid "
"SetSelectedRegistrar");
+#ifdef WPS_STRICT_WPS2
+ if (wps2)
+ return -1;
+#else /* WPS_STRICT_WPS2 */
return -1;
+#endif /* WPS_STRICT_WPS2 */
}
return 0;