[PATCH] WPS: Fix dropped WPS registrar negotiation

[Jouni Malinen]

On Tue, Sep 30, 2014 at 04:28:21PM +0100, Michalis Pappas wrote:
> During WPS registrar authentication, wpa_supplicant won't complete the
> negotiation if the newly authorized registrar does not wish to push an updated
> configuration to the AP. Instead, upon reception of M7, wpa_supplicant will
> terminate the negotiation with a WPN_NACK and issue a WPS-FAIL event. Nevertheless,
> later it will connect to the AP using the received credentials.

This is done by design to avoid reconfiguring the AP which can result in
the AP rebooting or at least disconnecting all stations when WPS is used
just to learn the current settings.

> This behaviour seems to be broken both semantically and from the standard's point of
> view. WPS-FAIL will confuse any applications interfacing with wpa_supplicant to think
> that the negotiation failed. Moreover, according to the standard, M8 is not
> optional, so WPS_NACK is expected to be sent only when failing to authenticating
> or processing a message.

WSC_NACK can be sent as a response to any M2..M8 message.

> This patch gets wpa_supplicant complete the WPS negotiation and issue a WPS-SUCCESS.

This would break the intended behavior. I guess I could consider
changing the WPS-FAIL event to WPS-SUCCESS in this case where the AP
settings have been learned and the requested operation was only for
learning the current settings. However, that would be a change in a
behavior that has remained this way for five years, so I'm not sure this
would really be justifiable since there may be existing implementations
that expect to see WPS-CRED-RECEIVED followed by WPS-FAIL in this
specific case. The WPS protocol itself does indeed fail here, but that
is on purpose for the learn-current-settings case.

-- 
Jouni Malinen                                            PGP id EFC895FA