Merge branch 'workaround/wps_iot_fixes' into 'master'

wpa_supplicant: WPS Inter operatability Fixes

See merge request espressif/esp-idf!8654

components/wpa_supplicant/Kconfig

@@ -29,4 +29,23 @@ menu "Supplicant"
         help
             Select this to enable TLS v1.2 for WPA2-Enterprise Authentication.
 
+    config WPA_WPS_WARS
+        bool "Add WPS Inter operatability Fixes"
+        default n
+        help
+            Select this option to enable WPS related IOT fixes with
+            different APs. This option fixes IOT related issues with
+            APs which do not follow some of the standards of WPS-2.0
+            specification. These do not include any of the security
+            related bypassing, just simple configuration corrections.
+
+            Current fixes under this flag.
+            1. Allow NULL-padded WPS attributes: Some APs keep NULL-padding
+            at the end of some variable length WPS Attributes.
+            This is not as par the WPS2.0 specs, but to avoid interop issues,
+            ignore the padding by reducing the attribute length by 1.
+            2. Bypass WPS-Config method validation: Some APs set display/pbc
+            button bit without setting virtual/phycial display/button bit which
+            will cause M2 validation fail, bypassing WPS-Config method validation.
+
 endmenu

components/wpa_supplicant/src/wps/wps_attr_parse.c

@@ -128,10 +128,44 @@ static int wps_parse_vendor_ext(struct wps_parse_attr *attr, const u8 *pos,
 	return 0;
 }
 
+static u16 wps_ignore_null_padding_in_attr(const u8 *pos, u16 type, u16 attr_data_len)
+{
+	u16 len = attr_data_len;
+
+	if (len == 0)
+		return 0;
+#ifdef CONFIG_WPA_WPS_WARS
+	/*
+	 * Some AP's keep NULL-padding at the end of some variable length WPS Attributes.
+	 * This is not as par the WPS2.0 specs, but to avoid interop issues, ignore the
+	 * padding by reducing the attribute length by 1.
+	 */
+	switch (type) {
+		case ATTR_MANUFACTURER:
+		case ATTR_MODEL_NAME:
+		case ATTR_MODEL_NUMBER:
+		case ATTR_SERIAL_NUMBER:
+		case ATTR_DEV_NAME:
+		case ATTR_SSID:
+		case ATTR_NETWORK_KEY:
+			if (pos[len - 1] == 0)
+				len--;
+			break;
+		default:
+			break;
+	}
+#endif
+
+	return len;
+}
 
 static int wps_set_attr(struct wps_parse_attr *attr, u16 type,
-			const u8 *pos, u16 len)
+			const u8 *pos, u16 attr_data_len)
 {
+	u16 len;
+
+	len = wps_ignore_null_padding_in_attr(pos, type, attr_data_len);
+
 	switch (type) {
 	case ATTR_VERSION:
 		if (len != 1) {
@@ -637,4 +671,4 @@ int wps_parse_msg(const struct wpabuf *msg, struct wps_parse_attr *attr)
 	}
 
 	return 0;
-}
+}

components/wpa_supplicant/src/wps/wps_validate.c

@@ -95,6 +95,7 @@ static int wps_validate_response_type(const u8 *response_type, int mandatory)
 
 static int valid_config_methods(u16 val, int wps2)
 {
+#ifndef CONFIG_WPA_WPS_WARS
 	if (wps2) {
 		if (!(val & 0x6000) && (val & WPS_CONFIG_DISPLAY)) {
 			wpa_printf(MSG_INFO, "WPS-STRICT: Display flag "
@@ -108,6 +109,7 @@ static int valid_config_methods(u16 val, int wps2)
 		}
 	}
 
+#endif
 	return 1;
 }