Metalink patches for Intel WPS code

[Jouni Malinen]

On Mon, Nov 26, 2007 at 07:47:30PM +0200, Assaf Harel wrote:

> Metalink released another patch today:
> http://w1.fi/contrib/metalink/Intel_WSC_Metalink_WSC.patch 
> This patch updates Intel's original WPS daemon (known as Wsccmd) that
> runs on top of hostapd / wpa_supplicant.
> 
> Now it is possible to pass wifi WPS certification

Nice to see this type of changes released. I know that number of
companies have worked on modifications to the Intel reference
implementation, but the changes have not usually been released which
leads into duplicate work.

Do you have any plans or do you know of anyone else having plans to
maintain the WSC reference implementation in the future? The Intel web
site for this does not seem to indicate that this code would be
maintained or modified to become production quality code. I'm somewhat
worried about depending on an implementation that does not have someone
maintaining it. Especially so, when there are still number of areas that
would benefit of major cleanup.


As far as the EAP method is concerned, there are number of issues with
the original hostapd/wpa_supplicant 0.4.x -based implementation. In
order to go forward on this area, I implemented an EAP method that
provides just the EAP transport part for WPS using the 0.6.x code base
and proper use of expanded EAP header. This, I believe, is also moving
the interface between EAP transport and WPS Registration Protocol into
cleaner location, i.e., doing all EAP specific stuff (including
fragmentation and reassembly and EAP header processing) into the EAP
method while leaving the WPS Registration Protocol to handle WSC M1..M8,
Done, ACK, and NACK.

The current version does not include interface for an external process
for processing the WPS messages. There is only a dummy implementation
that can be used for testing the EAP transport. However, communication
with an external process could be implemented using pending EAP
processing functionality in hostapd/wpa_supplicant to avoid the blocking
calls to external process which is used in the reference WSC code (and
which will not be acceptable for hostapd/wpa_supplicant integration).


The more I look at the reference WSC code, the more I would like to see
this done with simpler design or at least in smaller steps. I think it
would be useful to see a minimal implementation that supports just the
case of AP with an internal Registrar and client with an Enrollee and
only EAP transport (i.e., no UPnP complexity) as the first step. Once
this is available in a clean, maintainable implementation, more
functionality could be added.

I do not like the extra complexity caused by wsccmd being responsible
for starting hostapd/wpa_supplicant with hardcoded command line and
configuration file options. I would much rather see something that
allows both programs to be started (and configured) independently and
then whatever information needs to be transfered between the processes
would go through the ctrl_iface.


Is someone interested in working with a larger design change for the
Intel wsccd code? I have to say that I'm not exactly looking forward to
touching that code myself and would likely find it easier to work with a
new in-process implementation of WPS Registration Protocol as a library
that is designed to fit hostapd/wpa_supplicant model better if I had to
do the work..

-- 
Jouni Malinen                                            PGP id EFC895FA