diff options
| author | Jouni Malinen <j@w1.fi> | 2010-08-24 15:24:05 +0300 |
|---|---|---|
| committer | Jouni Malinen <j@w1.fi> | 2010-08-24 15:24:05 +0300 |
| commit | 944814106ec9c9f502ce4329783dd47c6f3d5fbd (patch) | |
| tree | 9ab41074c2a165e1149720a14c4e536fc2001bce /src/ap/hostapd.h | |
| parent | 035cc69d980d2e4bdd6e1d1260648f1033194655 (diff) | |
| download | external_wpa_supplicant_8_ti-944814106ec9c9f502ce4329783dd47c6f3d5fbd.zip external_wpa_supplicant_8_ti-944814106ec9c9f502ce4329783dd47c6f3d5fbd.tar.gz external_wpa_supplicant_8_ti-944814106ec9c9f502ce4329783dd47c6f3d5fbd.tar.bz2 | |
WPS: Do not disable AP PIN permanently, only slow down attacks
As a compromise between usability and security, do not disable
AP PIN permanently based on failed PIN validations. Instead, go to
AP Setup Locked state for increasing amount of time between each
failure to slow down brute force attacks against the AP PIN.
This avoids problems with some external Registrars that may try
to use the same PIN multiple times without user input. Now, the
user will still be able to fix the PIN and try again later while
a real attack is delayed enough to make it impractical.
Diffstat (limited to 'src/ap/hostapd.h')
| -rw-r--r-- | src/ap/hostapd.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/src/ap/hostapd.h b/src/ap/hostapd.h index 5bf4040..d0d67c8 100644 --- a/src/ap/hostapd.h +++ b/src/ap/hostapd.h @@ -167,6 +167,7 @@ struct hostapd_data { #ifdef CONFIG_WPS unsigned int ap_pin_failures; struct upnp_wps_device_sm *wps_upnp; + unsigned int ap_pin_lockout_time; #endif /* CONFIG_WPS */ struct hostapd_probereq_cb *probereq_cb; |