Merge "Cumulative security patch from commit ca68a8b561c48393c8ba25055ce294caaa3ac008" into m-wireless-dev
diff --git a/hostapd/config_file.c b/hostapd/config_file.c
index 82b08f9..1186644 100644
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -1723,7 +1723,7 @@
char *str;
str = wpa_config_parse_string(pos, &slen);
- if (str == NULL || slen < 1 || slen > HOSTAPD_MAX_SSID_LEN) {
+ if (str == NULL || slen < 1 || slen > SSID_MAX_LEN) {
wpa_printf(MSG_ERROR, "Line %d: Invalid SSID '%s'", line, pos);
os_free(str);
return -1;
@@ -1970,7 +1970,7 @@
line);
} else if (os_strcmp(buf, "ssid") == 0) {
bss->ssid.ssid_len = os_strlen(pos);
- if (bss->ssid.ssid_len > HOSTAPD_MAX_SSID_LEN ||
+ if (bss->ssid.ssid_len > SSID_MAX_LEN ||
bss->ssid.ssid_len < 1) {
wpa_printf(MSG_ERROR, "Line %d: invalid SSID '%s'",
line, pos);
@@ -1981,7 +1981,7 @@
} else if (os_strcmp(buf, "ssid2") == 0) {
size_t slen;
char *str = wpa_config_parse_string(pos, &slen);
- if (str == NULL || slen < 1 || slen > HOSTAPD_MAX_SSID_LEN) {
+ if (str == NULL || slen < 1 || slen > SSID_MAX_LEN) {
wpa_printf(MSG_ERROR, "Line %d: invalid SSID '%s'",
line, pos);
os_free(str);
@@ -2837,7 +2837,7 @@
os_free(bss->wps_pin_requests);
bss->wps_pin_requests = os_strdup(pos);
} else if (os_strcmp(buf, "device_name") == 0) {
- if (os_strlen(pos) > 32) {
+ if (os_strlen(pos) > WPS_DEV_NAME_MAX_LEN) {
wpa_printf(MSG_ERROR, "Line %d: Too long "
"device_name", line);
return 1;
diff --git a/hostapd/hostapd_cli.c b/hostapd/hostapd_cli.c
index 3f00cbb..719d021 100644
--- a/hostapd/hostapd_cli.c
+++ b/hostapd/hostapd_cli.c
@@ -10,6 +10,7 @@
#include <dirent.h>
#include "common/wpa_ctrl.h"
+#include "common/ieee802_11_defs.h"
#include "utils/common.h"
#include "utils/eloop.h"
#include "utils/edit.h"
@@ -541,7 +542,7 @@
char *argv[])
{
char buf[256];
- char ssid_hex[2 * 32 + 1];
+ char ssid_hex[2 * SSID_MAX_LEN + 1];
char key_hex[2 * 64 + 1];
int i;
@@ -552,7 +553,7 @@
}
ssid_hex[0] = '\0';
- for (i = 0; i < 32; i++) {
+ for (i = 0; i < SSID_MAX_LEN; i++) {
if (argv[0][i] == '\0')
break;
os_snprintf(&ssid_hex[i * 2], 3, "%02x", argv[0][i]);
diff --git a/src/ap/Makefile b/src/ap/Makefile
index adfd3df..98788fe 100644
--- a/src/ap/Makefile
+++ b/src/ap/Makefile
@@ -1,8 +1,67 @@
-all:
- @echo Nothing to be made.
+all: libap.a
clean:
- rm -f *~ *.o *.d *.gcno *.gcda *.gcov
+ rm -f *~ *.o *.d *.gcno *.gcda *.gcov libap.a
install:
@echo Nothing to be made.
+
+include ../lib.rules
+
+CFLAGS += -DHOSTAPD
+CFLAGS += -DNEED_AP_MLME
+CFLAGS += -DCONFIG_HS20
+CFLAGS += -DCONFIG_INTERWORKING
+CFLAGS += -DCONFIG_IEEE80211R
+CFLAGS += -DCONFIG_IEEE80211W
+CFLAGS += -DCONFIG_WPS
+CFLAGS += -DCONFIG_PROXYARP
+CFLAGS += -DCONFIG_IAPP
+
+LIB_OBJS= \
+ accounting.o \
+ ap_config.o \
+ ap_drv_ops.o \
+ ap_list.o \
+ ap_mlme.o \
+ authsrv.o \
+ beacon.o \
+ bss_load.o \
+ ctrl_iface_ap.o \
+ dfs.o \
+ dhcp_snoop.o \
+ drv_callbacks.o \
+ eap_user_db.o \
+ gas_serv.o \
+ hostapd.o \
+ hs20.o \
+ hw_features.o \
+ iapp.o \
+ ieee802_11_auth.o \
+ ieee802_11.o \
+ ieee802_11_ht.o \
+ ieee802_11_shared.o \
+ ieee802_11_vht.o \
+ ieee802_1x.o \
+ ndisc_snoop.o \
+ p2p_hostapd.o \
+ peerkey_auth.o \
+ pmksa_cache_auth.o \
+ preauth_auth.o \
+ sta_info.o \
+ tkip_countermeasures.o \
+ utils.o \
+ vlan_init.o \
+ wmm.o \
+ wnm_ap.o \
+ wpa_auth.o \
+ wpa_auth_ft.o \
+ wpa_auth_glue.o \
+ wpa_auth_ie.o \
+ wps_hostapd.o \
+ x_snoop.o
+
+libap.a: $(LIB_OBJS)
+ $(AR) crT $@ $?
+
+-include $(OBJS:%.o=%.d)
diff --git a/src/ap/ap_config.h b/src/ap/ap_config.h
index 00d5240..7b4a7ea 100644
--- a/src/ap/ap_config.h
+++ b/src/ap/ap_config.h
@@ -12,6 +12,7 @@
#include "common/defs.h"
#include "ip_addr.h"
#include "common/wpa_common.h"
+#include "common/ieee802_11_defs.h"
#include "common/ieee802_11_common.h"
#include "wps/wps.h"
@@ -57,8 +58,6 @@
struct ft_remote_r0kh;
struct ft_remote_r1kh;
-#define HOSTAPD_MAX_SSID_LEN 32
-
#define NUM_WEP_KEYS 4
struct hostapd_wep_keys {
u8 idx;
@@ -78,7 +77,7 @@
} secpolicy;
struct hostapd_ssid {
- u8 ssid[HOSTAPD_MAX_SSID_LEN];
+ u8 ssid[SSID_MAX_LEN];
size_t ssid_len;
unsigned int ssid_set:1;
unsigned int utf8_ssid:1;
@@ -511,7 +510,7 @@
char file[256];
} *hs20_icons;
size_t hs20_icons_count;
- u8 osu_ssid[HOSTAPD_MAX_SSID_LEN];
+ u8 osu_ssid[SSID_MAX_LEN];
size_t osu_ssid_len;
struct hs20_osu_provider {
unsigned int friendly_name_count;
diff --git a/src/ap/ap_list.c b/src/ap/ap_list.c
index 04a56a9..78a1f7c 100644
--- a/src/ap/ap_list.c
+++ b/src/ap/ap_list.c
@@ -193,14 +193,14 @@
elems->supp_rates, elems->supp_rates_len,
elems->ext_supp_rates, elems->ext_supp_rates_len);
- if (elems->erp_info && elems->erp_info_len == 1)
+ if (elems->erp_info)
ap->erp = elems->erp_info[0];
else
ap->erp = -1;
- if (elems->ds_params && elems->ds_params_len == 1)
+ if (elems->ds_params)
ap->channel = elems->ds_params[0];
- else if (elems->ht_operation && elems->ht_operation_len >= 1)
+ else if (elems->ht_operation)
ap->channel = elems->ht_operation[0];
else if (fi)
ap->channel = fi->channel;
diff --git a/src/ap/beacon.c b/src/ap/beacon.c
index e575b65..7009855 100644
--- a/src/ap/beacon.c
+++ b/src/ap/beacon.c
@@ -360,7 +360,6 @@
static u8 * hostapd_gen_probe_resp(struct hostapd_data *hapd,
- struct sta_info *sta,
const struct ieee80211_mgmt *req,
int is_p2p, size_t *resp_len)
{
@@ -402,7 +401,7 @@
/* hardware or low-level driver will setup seq_ctrl and timestamp */
resp->u.probe_resp.capab_info =
- host_to_le16(hostapd_own_capab_info(hapd, sta, 1));
+ host_to_le16(hostapd_own_capab_info(hapd));
pos = resp->u.probe_resp.variable;
*pos++ = WLAN_EID_SSID;
@@ -548,7 +547,6 @@
struct ieee802_11_elems elems;
const u8 *ie;
size_t ie_len;
- struct sta_info *sta = NULL;
size_t i, resp_len;
int noack;
enum ssid_match_result res;
@@ -590,7 +588,7 @@
* is less likely to see them (Probe Request frame sent on a
* neighboring, but partially overlapping, channel).
*/
- if (elems.ds_params && elems.ds_params_len == 1 &&
+ if (elems.ds_params &&
hapd->iface->current_mode &&
(hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G ||
hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211B) &&
@@ -635,8 +633,6 @@
return;
}
- sta = ap_get_sta(hapd, mgmt->sa);
-
#ifdef CONFIG_P2P
if ((hapd->conf->p2p & P2P_GROUP_OWNER) &&
elems.ssid_len == P2P_WILDCARD_SSID_LEN &&
@@ -649,10 +645,7 @@
res = ssid_match(hapd, elems.ssid, elems.ssid_len,
elems.ssid_list, elems.ssid_list_len);
- if (res != NO_SSID_MATCH) {
- if (sta)
- sta->ssid_probe = &hapd->conf->ssid;
- } else {
+ if (res == NO_SSID_MATCH) {
if (!(mgmt->da[0] & 0x01)) {
wpa_printf(MSG_MSGDUMP, "Probe Request from " MACSTR
" for foreign SSID '%s' (DA " MACSTR ")%s",
@@ -719,7 +712,7 @@
}
#endif /* CONFIG_TESTING_OPTIONS */
- resp = hostapd_gen_probe_resp(hapd, sta, mgmt, elems.p2p != NULL,
+ resp = hostapd_gen_probe_resp(hapd, mgmt, elems.p2p != NULL,
&resp_len);
if (resp == NULL)
return;
@@ -774,7 +767,7 @@
"this");
/* Generate a Probe Response template for the non-P2P case */
- return hostapd_gen_probe_resp(hapd, NULL, NULL, 0, resp_len);
+ return hostapd_gen_probe_resp(hapd, NULL, 0, resp_len);
}
#endif /* NEED_AP_MLME */
@@ -833,7 +826,7 @@
host_to_le16(hapd->iconf->beacon_int);
/* hardware or low-level driver will setup seq_ctrl and timestamp */
- capab_info = hostapd_own_capab_info(hapd, NULL, 0);
+ capab_info = hostapd_own_capab_info(hapd);
head->u.beacon.capab_info = host_to_le16(capab_info);
pos = &head->u.beacon.variable[0];
diff --git a/src/ap/drv_callbacks.c b/src/ap/drv_callbacks.c
index 507053e..80e4c2e 100644
--- a/src/ap/drv_callbacks.c
+++ b/src/ap/drv_callbacks.c
@@ -126,8 +126,6 @@
#ifdef CONFIG_IEEE80211N
#ifdef NEED_AP_MLME
if (elems.ht_capabilities &&
- elems.ht_capabilities_len >=
- sizeof(struct ieee80211_ht_capabilities) &&
(hapd->iface->conf->ht_capab &
HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)) {
struct ieee80211_ht_capabilities *ht_cap =
diff --git a/src/ap/hostapd.c b/src/ap/hostapd.c
index 6cdb6d3..5abe5ed 100644
--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
@@ -862,7 +862,7 @@
static int hostapd_setup_bss(struct hostapd_data *hapd, int first)
{
struct hostapd_bss_config *conf = hapd->conf;
- u8 ssid[HOSTAPD_MAX_SSID_LEN + 1];
+ u8 ssid[SSID_MAX_LEN + 1];
int ssid_len, set_ssid;
char force_ifname[IFNAMSIZ];
u8 if_addr[ETH_ALEN];
diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
index 3601dfe..5b26558 100644
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -132,8 +132,7 @@
}
-u16 hostapd_own_capab_info(struct hostapd_data *hapd, struct sta_info *sta,
- int probe)
+u16 hostapd_own_capab_info(struct hostapd_data *hapd)
{
int capab = WLAN_CAPABILITY_ESS;
int privacy;
@@ -166,20 +165,6 @@
privacy = 1;
#endif /* CONFIG_HS20 */
- if (sta) {
- int policy, def_klen;
- if (probe && sta->ssid_probe) {
- policy = sta->ssid_probe->security_policy;
- def_klen = sta->ssid_probe->wep.default_len;
- } else {
- policy = sta->ssid->security_policy;
- def_klen = sta->ssid->wep.default_len;
- }
- privacy = policy != SECURITY_PLAINTEXT;
- if (policy == SECURITY_IEEE_802_1X && def_klen == 0)
- privacy = 0;
- }
-
if (privacy)
capab |= WLAN_CAPABILITY_PRIVACY;
@@ -1297,8 +1282,7 @@
if (resp != WLAN_STATUS_SUCCESS)
return resp;
#ifdef CONFIG_IEEE80211N
- resp = copy_sta_ht_capab(hapd, sta, elems.ht_capabilities,
- elems.ht_capabilities_len);
+ resp = copy_sta_ht_capab(hapd, sta, elems.ht_capabilities);
if (resp != WLAN_STATUS_SUCCESS)
return resp;
if (hapd->iconf->ieee80211n && hapd->iconf->require_ht &&
@@ -1311,8 +1295,7 @@
#endif /* CONFIG_IEEE80211N */
#ifdef CONFIG_IEEE80211AC
- resp = copy_sta_vht_capab(hapd, sta, elems.vht_capabilities,
- elems.vht_capabilities_len);
+ resp = copy_sta_vht_capab(hapd, sta, elems.vht_capabilities);
if (resp != WLAN_STATUS_SUCCESS)
return resp;
@@ -1594,7 +1577,7 @@
send_len = IEEE80211_HDRLEN;
send_len += sizeof(reply->u.assoc_resp);
reply->u.assoc_resp.capab_info =
- host_to_le16(hostapd_own_capab_info(hapd, sta, 0));
+ host_to_le16(hostapd_own_capab_info(hapd));
reply->u.assoc_resp.status_code = host_to_le16(status_code);
reply->u.assoc_resp.aid = host_to_le16(sta->aid | BIT(14) | BIT(15));
/* Supported rates */
@@ -2335,7 +2318,7 @@
char *ifname_wds)
{
int i;
- struct hostapd_ssid *ssid = sta->ssid;
+ struct hostapd_ssid *ssid = &hapd->conf->ssid;
if (hapd->conf->ieee802_1x || hapd->conf->wpa)
return;
diff --git a/src/ap/ieee802_11.h b/src/ap/ieee802_11.h
index 41c27d9..44c1bff 100644
--- a/src/ap/ieee802_11.h
+++ b/src/ap/ieee802_11.h
@@ -14,6 +14,7 @@
struct sta_info;
struct hostapd_frame_info;
struct ieee80211_ht_capabilities;
+struct ieee80211_vht_capabilities;
struct ieee80211_mgmt;
int ieee802_11_mgmt(struct hostapd_data *hapd, const u8 *buf, size_t len,
@@ -40,8 +41,7 @@
return 0;
}
#endif /* NEED_AP_MLME */
-u16 hostapd_own_capab_info(struct hostapd_data *hapd, struct sta_info *sta,
- int probe);
+u16 hostapd_own_capab_info(struct hostapd_data *hapd);
void ap_ht2040_timeout(void *eloop_data, void *user_data);
u8 * hostapd_eid_ext_capab(struct hostapd_data *hapd, u8 *eid);
u8 * hostapd_eid_qos_map_set(struct hostapd_data *hapd, u8 *eid);
@@ -62,7 +62,7 @@
struct ieee80211_vht_capabilities *vht_cap,
struct ieee80211_vht_capabilities *neg_vht_cap);
u16 copy_sta_ht_capab(struct hostapd_data *hapd, struct sta_info *sta,
- const u8 *ht_capab, size_t ht_capab_len);
+ const u8 *ht_capab);
u16 copy_sta_vendor_vht(struct hostapd_data *hapd, struct sta_info *sta,
const u8 *ie, size_t len);
@@ -70,7 +70,7 @@
void ht40_intolerant_add(struct hostapd_iface *iface, struct sta_info *sta);
void ht40_intolerant_remove(struct hostapd_iface *iface, struct sta_info *sta);
u16 copy_sta_vht_capab(struct hostapd_data *hapd, struct sta_info *sta,
- const u8 *vht_capab, size_t vht_capab_len);
+ const u8 *vht_capab);
u16 set_sta_vht_opmode(struct hostapd_data *hapd, struct sta_info *sta,
const u8 *vht_opmode);
void hostapd_tx_status(struct hostapd_data *hapd, const u8 *addr,
diff --git a/src/ap/ieee802_11_ht.c b/src/ap/ieee802_11_ht.c
index 9dad8e3..11fde2a 100644
--- a/src/ap/ieee802_11_ht.c
+++ b/src/ap/ieee802_11_ht.c
@@ -310,7 +310,7 @@
u16 copy_sta_ht_capab(struct hostapd_data *hapd, struct sta_info *sta,
- const u8 *ht_capab, size_t ht_capab_len)
+ const u8 *ht_capab)
{
/*
* Disable HT caps for STAs associated to no-HT BSSes, or for stations
@@ -318,7 +318,6 @@
* frame.
*/
if (!ht_capab ||
- ht_capab_len < sizeof(struct ieee80211_ht_capabilities) ||
!(sta->flags & WLAN_STA_WMM) || hapd->conf->disable_11n) {
sta->flags &= ~WLAN_STA_HT;
os_free(sta->ht_capabilities);
diff --git a/src/ap/ieee802_11_vht.c b/src/ap/ieee802_11_vht.c
index 171538a..5bf1b5d 100644
--- a/src/ap/ieee802_11_vht.c
+++ b/src/ap/ieee802_11_vht.c
@@ -132,11 +132,10 @@
u16 copy_sta_vht_capab(struct hostapd_data *hapd, struct sta_info *sta,
- const u8 *vht_capab, size_t vht_capab_len)
+ const u8 *vht_capab)
{
/* Disable VHT caps for STAs associated to no-VHT BSSes. */
if (!vht_capab ||
- vht_capab_len < sizeof(struct ieee80211_vht_capabilities) ||
hapd->conf->disable_11ac ||
!check_valid_vht_mcs(hapd->iface->current_mode, vht_capab)) {
sta->flags &= ~WLAN_STA_VHT;
diff --git a/src/ap/ieee802_1x.c b/src/ap/ieee802_1x.c
index f945efa..863a539 100644
--- a/src/ap/ieee802_1x.c
+++ b/src/ap/ieee802_1x.c
@@ -1652,7 +1652,7 @@
switch (hdr->code) {
case RADIUS_CODE_ACCESS_ACCEPT:
- if (sta->ssid->dynamic_vlan == DYNAMIC_VLAN_DISABLED)
+ if (hapd->conf->ssid.dynamic_vlan == DYNAMIC_VLAN_DISABLED)
vlan_id = 0;
#ifndef CONFIG_NO_VLAN
else
@@ -1671,7 +1671,8 @@
"Invalid VLAN ID %d received from RADIUS server",
vlan_id);
break;
- } else if (sta->ssid->dynamic_vlan == DYNAMIC_VLAN_REQUIRED) {
+ } else if (hapd->conf->ssid.dynamic_vlan ==
+ DYNAMIC_VLAN_REQUIRED) {
sta->eapol_sm->authFail = TRUE;
hostapd_logger(hapd, sta->addr,
HOSTAPD_MODULE_IEEE8021X,
diff --git a/src/ap/sta_info.c b/src/ap/sta_info.c
index 1576db9..20847d5 100644
--- a/src/ap/sta_info.c
+++ b/src/ap/sta_info.c
@@ -632,7 +632,6 @@
hapd->sta_list = sta;
hapd->num_sta++;
ap_sta_hash_add(hapd, sta);
- sta->ssid = &hapd->conf->ssid;
ap_sta_remove_in_other_bss(hapd, sta);
sta->last_seq_ctrl = WLAN_INVALID_MGMT_SEQ;
dl_list_init(&sta->ip6addr);
@@ -790,10 +789,10 @@
int old_vlanid = sta->vlan_id_bound;
iface = hapd->conf->iface;
- if (sta->ssid->vlan[0])
- iface = sta->ssid->vlan;
+ if (hapd->conf->ssid.vlan[0])
+ iface = hapd->conf->ssid.vlan;
- if (sta->ssid->dynamic_vlan == DYNAMIC_VLAN_DISABLED)
+ if (hapd->conf->ssid.dynamic_vlan == DYNAMIC_VLAN_DISABLED)
sta->vlan_id = 0;
else if (sta->vlan_id > 0) {
struct hostapd_vlan *wildcard_vlan = NULL;
@@ -839,7 +838,7 @@
}
iface = vlan->ifname;
- if (vlan_setup_encryption_dyn(hapd, sta->ssid, iface) != 0) {
+ if (vlan_setup_encryption_dyn(hapd, iface) != 0) {
hostapd_logger(hapd, sta->addr,
HOSTAPD_MODULE_IEEE80211,
HOSTAPD_LEVEL_DEBUG, "could not "
@@ -866,7 +865,7 @@
* configuration for the case where hostapd did not yet know
* which keys are to be used when the interface was added.
*/
- if (vlan_setup_encryption_dyn(hapd, sta->ssid, iface) != 0) {
+ if (vlan_setup_encryption_dyn(hapd, iface) != 0) {
hostapd_logger(hapd, sta->addr,
HOSTAPD_MODULE_IEEE80211,
HOSTAPD_LEVEL_DEBUG, "could not "
diff --git a/src/ap/sta_info.h b/src/ap/sta_info.h
index d192c71..52a9997 100644
--- a/src/ap/sta_info.h
+++ b/src/ap/sta_info.h
@@ -117,9 +117,6 @@
struct wpa_state_machine *wpa_sm;
struct rsn_preauth_interface *preauth_iface;
- struct hostapd_ssid *ssid; /* SSID selection based on (Re)AssocReq */
- struct hostapd_ssid *ssid_probe; /* SSID selection based on ProbeReq */
-
int vlan_id; /* 0: none, >0: VID */
int vlan_id_bound; /* updated by ap_sta_bind_vlan() */
/* PSKs from RADIUS authentication server */
diff --git a/src/ap/vlan_init.c b/src/ap/vlan_init.c
index c57c062..baabbe3 100644
--- a/src/ap/vlan_init.c
+++ b/src/ap/vlan_init.c
@@ -784,8 +784,7 @@
#endif /* CONFIG_FULL_DYNAMIC_VLAN */
-int vlan_setup_encryption_dyn(struct hostapd_data *hapd,
- struct hostapd_ssid *mssid, const char *dyn_vlan)
+int vlan_setup_encryption_dyn(struct hostapd_data *hapd, const char *dyn_vlan)
{
int i;
@@ -795,10 +794,11 @@
/* Static WEP keys are set here; IEEE 802.1X and WPA uses their own
* functions for setting up dynamic broadcast keys. */
for (i = 0; i < 4; i++) {
- if (mssid->wep.key[i] &&
+ if (hapd->conf->ssid.wep.key[i] &&
hostapd_drv_set_key(dyn_vlan, hapd, WPA_ALG_WEP, NULL, i,
- i == mssid->wep.idx, NULL, 0,
- mssid->wep.key[i], mssid->wep.len[i]))
+ i == hapd->conf->ssid.wep.idx, NULL, 0,
+ hapd->conf->ssid.wep.key[i],
+ hapd->conf->ssid.wep.len[i]))
{
wpa_printf(MSG_ERROR, "VLAN: Could not set WEP "
"encryption for dynamic VLAN");
diff --git a/src/ap/vlan_init.h b/src/ap/vlan_init.h
index 781eaac..fc39443 100644
--- a/src/ap/vlan_init.h
+++ b/src/ap/vlan_init.h
@@ -18,7 +18,6 @@
int vlan_id);
int vlan_remove_dynamic(struct hostapd_data *hapd, int vlan_id);
int vlan_setup_encryption_dyn(struct hostapd_data *hapd,
- struct hostapd_ssid *mssid,
const char *dyn_vlan);
#else /* CONFIG_NO_VLAN */
static inline int vlan_init(struct hostapd_data *hapd)
@@ -43,7 +42,6 @@
}
static inline int vlan_setup_encryption_dyn(struct hostapd_data *hapd,
- struct hostapd_ssid *mssid,
const char *dyn_vlan)
{
return -1;
diff --git a/src/ap/wpa_auth.h b/src/ap/wpa_auth.h
index 11e745e..e747806 100644
--- a/src/ap/wpa_auth.h
+++ b/src/ap/wpa_auth.h
@@ -12,6 +12,7 @@
#include "common/defs.h"
#include "common/eapol_common.h"
#include "common/wpa_common.h"
+#include "common/ieee802_11_defs.h"
#ifdef _MSC_VER
#pragma pack(push, 1)
@@ -146,8 +147,7 @@
int group_mgmt_cipher;
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_IEEE80211R
-#define SSID_LEN 32
- u8 ssid[SSID_LEN];
+ u8 ssid[SSID_MAX_LEN];
size_t ssid_len;
u8 mobility_domain[MOBILITY_DOMAIN_ID_LEN];
u8 r0_key_holder[FT_R0KH_ID_MAX_LEN];
diff --git a/src/ap/wpa_auth_ft.c b/src/ap/wpa_auth_ft.c
index ef3249a..eeaffbf 100644
--- a/src/ap/wpa_auth_ft.c
+++ b/src/ap/wpa_auth_ft.c
@@ -534,10 +534,8 @@
return pos;
}
-#ifdef NEED_AP_MLME
- if (parse.wmm_tspec && sm->wpa_auth->conf.ap_mlme) {
+ if (parse.wmm_tspec) {
struct wmm_tspec_element *tspec;
- int res;
if (parse.wmm_tspec_len + 2 < (int) sizeof(*tspec)) {
wpa_printf(MSG_DEBUG, "FT: Too short WMM TSPEC IE "
@@ -555,7 +553,13 @@
}
tspec = (struct wmm_tspec_element *) pos;
os_memcpy(tspec, parse.wmm_tspec - 2, sizeof(*tspec));
- res = wmm_process_tspec(tspec);
+ }
+
+#ifdef NEED_AP_MLME
+ if (parse.wmm_tspec && sm->wpa_auth->conf.ap_mlme) {
+ int res;
+
+ res = wmm_process_tspec((struct wmm_tspec_element *) pos);
wpa_printf(MSG_DEBUG, "FT: ADDTS processing result: %d", res);
if (res == WMM_ADDTS_STATUS_INVALID_PARAMETERS)
rdie->status_code =
@@ -566,20 +570,17 @@
else {
/* TSPEC accepted; include updated TSPEC in response */
rdie->descr_count = 1;
- pos += sizeof(*tspec);
+ pos += sizeof(struct wmm_tspec_element);
}
return pos;
}
#endif /* NEED_AP_MLME */
if (parse.wmm_tspec && !sm->wpa_auth->conf.ap_mlme) {
- struct wmm_tspec_element *tspec;
int res;
- tspec = (struct wmm_tspec_element *) pos;
- os_memcpy(tspec, parse.wmm_tspec - 2, sizeof(*tspec));
res = wpa_ft_add_tspec(sm->wpa_auth, sm->addr, pos,
- sizeof(*tspec));
+ sizeof(struct wmm_tspec_element));
if (res >= 0) {
if (res)
rdie->status_code = host_to_le16(res);
@@ -587,7 +588,7 @@
/* TSPEC accepted; include updated TSPEC in
* response */
rdie->descr_count = 1;
- pos += sizeof(*tspec);
+ pos += sizeof(struct wmm_tspec_element);
}
return pos;
}
diff --git a/src/ap/wpa_auth_glue.c b/src/ap/wpa_auth_glue.c
index d417a72..7cd0b6c 100644
--- a/src/ap/wpa_auth_glue.c
+++ b/src/ap/wpa_auth_glue.c
@@ -54,8 +54,8 @@
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_IEEE80211R
wconf->ssid_len = conf->ssid.ssid_len;
- if (wconf->ssid_len > SSID_LEN)
- wconf->ssid_len = SSID_LEN;
+ if (wconf->ssid_len > SSID_MAX_LEN)
+ wconf->ssid_len = SSID_MAX_LEN;
os_memcpy(wconf->ssid, conf->ssid.ssid, wconf->ssid_len);
os_memcpy(wconf->mobility_domain, conf->mobility_domain,
MOBILITY_DOMAIN_ID_LEN);
diff --git a/src/ap/wps_hostapd.c b/src/ap/wps_hostapd.c
index 7e74829..68eaeca 100644
--- a/src/ap/wps_hostapd.c
+++ b/src/ap/wps_hostapd.c
@@ -324,7 +324,7 @@
wpa_printf(MSG_DEBUG, "WPS: Updating in-memory configuration");
bss->wps_state = 2;
- if (cred->ssid_len <= HOSTAPD_MAX_SSID_LEN) {
+ if (cred->ssid_len <= SSID_MAX_LEN) {
os_memcpy(bss->ssid.ssid, cred->ssid, cred->ssid_len);
bss->ssid.ssid_len = cred->ssid_len;
bss->ssid.ssid_set = 1;
diff --git a/src/common/Makefile b/src/common/Makefile
index adfd3df..e703630 100644
--- a/src/common/Makefile
+++ b/src/common/Makefile
@@ -1,8 +1,28 @@
-all:
- @echo Nothing to be made.
+all: libcommon.a
clean:
- rm -f *~ *.o *.d *.gcno *.gcda *.gcov
+ rm -f *~ *.o *.d *.gcno *.gcda *.gcov libcommon.a
install:
@echo Nothing to be made.
+
+include ../lib.rules
+
+CFLAGS += -DCONFIG_IEEE80211R
+CFLAGS += -DCONFIG_IEEE80211W
+CFLAGS += -DCONFIG_HS20
+CFLAGS += -DCONFIG_SAE
+CFLAGS += -DCONFIG_SUITE
+CFLAGS += -DCONFIG_SUITEB
+
+LIB_OBJS= \
+ gas.o \
+ hw_features_common.o \
+ ieee802_11_common.o \
+ sae.o \
+ wpa_common.o
+
+libcommon.a: $(LIB_OBJS)
+ $(AR) crT $@ $?
+
+-include $(OBJS:%.o=%.d)
diff --git a/src/common/hw_features_common.c b/src/common/hw_features_common.c
index 8d83de6..e61f824 100644
--- a/src/common/hw_features_common.c
+++ b/src/common/hw_features_common.c
@@ -152,8 +152,7 @@
*pri_chan = *sec_chan = 0;
ieee802_11_parse_elems((u8 *) (bss + 1), bss->ie_len, &elems, 0);
- if (elems.ht_operation &&
- elems.ht_operation_len >= sizeof(*oper)) {
+ if (elems.ht_operation) {
oper = (struct ieee80211_ht_operation *) elems.ht_operation;
*pri_chan = oper->primary_chan;
if (oper->ht_param & HT_INFO_HT_PARAM_STA_CHNL_WIDTH) {
@@ -253,8 +252,7 @@
return 1;
}
- if (elems.ht_operation &&
- elems.ht_operation_len >= sizeof(*oper)) {
+ if (elems.ht_operation) {
oper = (struct ieee80211_ht_operation *) elems.ht_operation;
if (oper->ht_param & HT_INFO_HT_PARAM_SECONDARY_CHNL_OFF_MASK)
return 0;
@@ -335,9 +333,7 @@
ieee802_11_parse_elems((u8 *) (bss + 1), bss->ie_len, &elems,
0);
- if (elems.ht_capabilities &&
- elems.ht_capabilities_len >=
- sizeof(struct ieee80211_ht_capabilities)) {
+ if (elems.ht_capabilities) {
struct ieee80211_ht_capabilities *ht_cap =
(struct ieee80211_ht_capabilities *)
elems.ht_capabilities;
diff --git a/src/common/ieee802_11_common.c b/src/common/ieee802_11_common.c
index aca0b73..7843e6f 100644
--- a/src/common/ieee802_11_common.c
+++ b/src/common/ieee802_11_common.c
@@ -1,6 +1,6 @@
/*
* IEEE 802.11 Common routines
- * Copyright (c) 2002-2013, Jouni Malinen <j@w1.fi>
+ * Copyright (c) 2002-2015, Jouni Malinen <j@w1.fi>
*
* This software may be distributed under the terms of the BSD license.
* See README for more details.
@@ -10,6 +10,7 @@
#include "common.h"
#include "defs.h"
+#include "wpa_common.h"
#include "ieee802_11_defs.h"
#include "ieee802_11_common.h"
@@ -196,6 +197,12 @@
switch (id) {
case WLAN_EID_SSID:
+ if (elen > SSID_MAX_LEN) {
+ wpa_printf(MSG_DEBUG,
+ "Ignored too long SSID element (elen=%u)",
+ elen);
+ break;
+ }
elems->ssid = pos;
elems->ssid_len = elen;
break;
@@ -204,8 +211,9 @@
elems->supp_rates_len = elen;
break;
case WLAN_EID_DS_PARAMS:
+ if (elen < 1)
+ break;
elems->ds_params = pos;
- elems->ds_params_len = elen;
break;
case WLAN_EID_CF_PARAMS:
case WLAN_EID_TIM:
@@ -215,8 +223,9 @@
elems->challenge_len = elen;
break;
case WLAN_EID_ERP_INFO:
+ if (elen < 1)
+ break;
elems->erp_info = pos;
- elems->erp_info_len = elen;
break;
case WLAN_EID_EXT_SUPP_RATES:
elems->ext_supp_rates = pos;
@@ -239,24 +248,31 @@
elems->supp_channels_len = elen;
break;
case WLAN_EID_MOBILITY_DOMAIN:
+ if (elen < sizeof(struct rsn_mdie))
+ break;
elems->mdie = pos;
elems->mdie_len = elen;
break;
case WLAN_EID_FAST_BSS_TRANSITION:
+ if (elen < sizeof(struct rsn_ftie))
+ break;
elems->ftie = pos;
elems->ftie_len = elen;
break;
case WLAN_EID_TIMEOUT_INTERVAL:
+ if (elen != 5)
+ break;
elems->timeout_int = pos;
- elems->timeout_int_len = elen;
break;
case WLAN_EID_HT_CAP:
+ if (elen < sizeof(struct ieee80211_ht_capabilities))
+ break;
elems->ht_capabilities = pos;
- elems->ht_capabilities_len = elen;
break;
case WLAN_EID_HT_OPERATION:
+ if (elen < sizeof(struct ieee80211_ht_operation))
+ break;
elems->ht_operation = pos;
- elems->ht_operation_len = elen;
break;
case WLAN_EID_MESH_CONFIG:
elems->mesh_config = pos;
@@ -271,12 +287,14 @@
elems->peer_mgmt_len = elen;
break;
case WLAN_EID_VHT_CAP:
+ if (elen < sizeof(struct ieee80211_vht_capabilities))
+ break;
elems->vht_capabilities = pos;
- elems->vht_capabilities_len = elen;
break;
case WLAN_EID_VHT_OPERATION:
+ if (elen < sizeof(struct ieee80211_vht_operation))
+ break;
elems->vht_operation = pos;
- elems->vht_operation_len = elen;
break;
case WLAN_EID_VHT_OPERATING_MODE_NOTIFICATION:
if (elen != 1)
diff --git a/src/common/ieee802_11_common.h b/src/common/ieee802_11_common.h
index 7f0b296..c84d8a7 100644
--- a/src/common/ieee802_11_common.h
+++ b/src/common/ieee802_11_common.h
@@ -51,9 +51,7 @@
u8 ssid_len;
u8 supp_rates_len;
- u8 ds_params_len;
u8 challenge_len;
- u8 erp_info_len;
u8 ext_supp_rates_len;
u8 wpa_ie_len;
u8 rsn_ie_len;
@@ -63,14 +61,9 @@
u8 supp_channels_len;
u8 mdie_len;
u8 ftie_len;
- u8 timeout_int_len;
- u8 ht_capabilities_len;
- u8 ht_operation_len;
u8 mesh_config_len;
u8 mesh_id_len;
u8 peer_mgmt_len;
- u8 vht_capabilities_len;
- u8 vht_operation_len;
u8 vendor_ht_cap_len;
u8 vendor_vht_len;
u8 p2p_len;
diff --git a/src/common/ieee802_11_defs.h b/src/common/ieee802_11_defs.h
index 6e9c43c..47b15de 100644
--- a/src/common/ieee802_11_defs.h
+++ b/src/common/ieee802_11_defs.h
@@ -10,6 +10,8 @@
#ifndef IEEE802_11_DEFS_H
#define IEEE802_11_DEFS_H
+#include <utils/common.h>
+
/* IEEE 802.11 defines */
#define WLAN_FC_PVER 0x0003
@@ -1354,4 +1356,6 @@
u8 variable[0];
} STRUCT_PACKED;
+#define SSID_MAX_LEN 32
+
#endif /* IEEE802_11_DEFS_H */
diff --git a/src/common/privsep_commands.h b/src/common/privsep_commands.h
index 4dc34c4..c6a472d 100644
--- a/src/common/privsep_commands.h
+++ b/src/common/privsep_commands.h
@@ -9,6 +9,8 @@
#ifndef PRIVSEP_COMMANDS_H
#define PRIVSEP_COMMANDS_H
+#include "common/ieee802_11_defs.h"
+
enum privsep_cmd {
PRIVSEP_CMD_REGISTER,
PRIVSEP_CMD_UNREGISTER,
@@ -29,7 +31,7 @@
struct privsep_cmd_associate
{
u8 bssid[ETH_ALEN];
- u8 ssid[32];
+ u8 ssid[SSID_MAX_LEN];
size_t ssid_len;
int hwmode;
int freq;
diff --git a/src/common/qca-vendor.h b/src/common/qca-vendor.h
index 5ff6817..e51f85f 100644
--- a/src/common/qca-vendor.h
+++ b/src/common/qca-vendor.h
@@ -132,7 +132,7 @@
QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_SET_KEY = 50,
QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_ROAM_AUTH = 51,
QCA_NL80211_VENDOR_SUBCMD_APFIND = 52,
- /* 53 - reserved for QCA */
+ /* 53 - reserved - was used by QCA, but not in use anymore */
QCA_NL80211_VENDOR_SUBCMD_DO_ACS = 54,
QCA_NL80211_VENDOR_SUBCMD_GET_FEATURES = 55,
QCA_NL80211_VENDOR_SUBCMD_DFS_OFFLOAD_CAC_STARTED = 56,
@@ -142,6 +142,15 @@
QCA_NL80211_VENDOR_SUBCMD_DFS_OFFLOAD_RADAR_DETECTED = 60,
/* 61-90 - reserved for QCA */
QCA_NL80211_VENDOR_SUBCMD_DATA_OFFLOAD = 91,
+ QCA_NL80211_VENDOR_SUBCMD_OCB_SET_CONFIG = 92,
+ QCA_NL80211_VENDOR_SUBCMD_OCB_SET_UTC_TIME = 93,
+ QCA_NL80211_VENDOR_SUBCMD_OCB_START_TIMING_ADVERT = 94,
+ QCA_NL80211_VENDOR_SUBCMD_OCB_STOP_TIMING_ADVERT = 95,
+ QCA_NL80211_VENDOR_SUBCMD_OCB_GET_TSF_TIMER = 96,
+ QCA_NL80211_VENDOR_SUBCMD_DCC_GET_STATS = 97,
+ QCA_NL80211_VENDOR_SUBCMD_DCC_CLEAR_STATS = 98,
+ QCA_NL80211_VENDOR_SUBCMD_DCC_UPDATE_NDL = 99,
+ QCA_NL80211_VENDOR_SUBCMD_DCC_STATS_EVENT = 100,
};
diff --git a/src/common/wpa_common.c b/src/common/wpa_common.c
index 0368904..a0747b4 100644
--- a/src/common/wpa_common.c
+++ b/src/common/wpa_common.c
@@ -356,6 +356,8 @@
parse->rsn_pmkid = data.pmkid;
break;
case WLAN_EID_MOBILITY_DOMAIN:
+ if (pos[1] < sizeof(struct rsn_mdie))
+ return -1;
parse->mdie = pos + 2;
parse->mdie_len = pos[1];
break;
@@ -368,6 +370,8 @@
return -1;
break;
case WLAN_EID_TIMEOUT_INTERVAL:
+ if (pos[1] != 5)
+ break;
parse->tie = pos + 2;
parse->tie_len = pos[1];
break;
@@ -838,7 +842,7 @@
const u8 *mdid, const u8 *r0kh_id, size_t r0kh_id_len,
const u8 *s0kh_id, u8 *pmk_r0, u8 *pmk_r0_name)
{
- u8 buf[1 + WPA_MAX_SSID_LEN + MOBILITY_DOMAIN_ID_LEN + 1 +
+ u8 buf[1 + SSID_MAX_LEN + MOBILITY_DOMAIN_ID_LEN + 1 +
FT_R0KH_ID_MAX_LEN + ETH_ALEN];
u8 *pos, r0_key_data[48], hash[32];
const u8 *addr[2];
@@ -852,7 +856,7 @@
* PMK-R0 = L(R0-Key-Data, 0, 256)
* PMK-R0Name-Salt = L(R0-Key-Data, 256, 128)
*/
- if (ssid_len > WPA_MAX_SSID_LEN || r0kh_id_len > FT_R0KH_ID_MAX_LEN)
+ if (ssid_len > SSID_MAX_LEN || r0kh_id_len > FT_R0KH_ID_MAX_LEN)
return;
pos = buf;
*pos++ = ssid_len;
diff --git a/src/common/wpa_common.h b/src/common/wpa_common.h
index 091e317..29c3503 100644
--- a/src/common/wpa_common.h
+++ b/src/common/wpa_common.h
@@ -9,8 +9,6 @@
#ifndef WPA_COMMON_H
#define WPA_COMMON_H
-#define WPA_MAX_SSID_LEN 32
-
/* IEEE 802.11i */
#define PMKID_LEN 16
#define PMK_LEN 32
@@ -308,7 +306,6 @@
} STRUCT_PACKED;
#endif /* CONFIG_IEEE80211W */
-#ifdef CONFIG_IEEE80211R
struct rsn_mdie {
u8 mobility_domain[MOBILITY_DOMAIN_ID_LEN];
u8 ft_capab;
@@ -336,7 +333,6 @@
le16 status_code;
} STRUCT_PACKED;
-#endif /* CONFIG_IEEE80211R */
#ifdef _MSC_VER
#pragma pack(pop)
diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
index 935add5..d3e9eb9 100644
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@@ -2703,8 +2703,7 @@
return -1;
ssl = conn->ssl;
if (ssl == NULL || ssl->s3 == NULL || ssl->session == NULL ||
- ssl->s3->client_random == NULL || ssl->s3->server_random == NULL ||
- ssl->session->master_key == NULL)
+ ssl->session->master_key_length <= 0)
return -1;
if (skip_keyblock) {
diff --git a/src/drivers/driver.h b/src/drivers/driver.h
index a52328c..e4d0412 100644
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
@@ -20,6 +20,7 @@
#define WPA_SUPPLICANT_DRIVER_VERSION 4
#include "common/defs.h"
+#include "common/ieee802_11_defs.h"
#include "utils/list.h"
#define HOSTAPD_CHAN_DISABLED 0x00000001
@@ -341,7 +342,7 @@
* is not needed anymore.
*/
struct wpa_driver_scan_filter {
- u8 ssid[32];
+ u8 ssid[SSID_MAX_LEN];
size_t ssid_len;
} *filter_ssids;
diff --git a/src/drivers/driver_hostap.h b/src/drivers/driver_hostap.h
index a9d3e76..4c1e6d6 100644
--- a/src/drivers/driver_hostap.h
+++ b/src/drivers/driver_hostap.h
@@ -192,7 +192,7 @@
} mlme;
struct {
u8 ssid_len;
- u8 ssid[32];
+ u8 ssid[SSID_MAX_LEN];
} scan_req;
} u;
};
diff --git a/src/drivers/driver_ndis.c b/src/drivers/driver_ndis.c
index 4953af6..669f1b8 100644
--- a/src/drivers/driver_ndis.c
+++ b/src/drivers/driver_ndis.c
@@ -709,11 +709,11 @@
/* Disconnect by setting SSID to random (i.e., likely not used). */
static int wpa_driver_ndis_disconnect(struct wpa_driver_ndis_data *drv)
{
- char ssid[32];
+ char ssid[SSID_MAX_LEN];
int i;
- for (i = 0; i < 32; i++)
+ for (i = 0; i < SSID_MAX_LEN; i++)
ssid[i] = rand() & 0xff;
- return wpa_driver_ndis_set_ssid(drv, (u8 *) ssid, 32);
+ return wpa_driver_ndis_set_ssid(drv, (u8 *) ssid, SSID_MAX_LEN);
}
@@ -806,7 +806,7 @@
if (wpa_scan_get_ie(r, WLAN_EID_SSID))
return r; /* SSID IE already present */
- if (ssid->SsidLength == 0 || ssid->SsidLength > 32)
+ if (ssid->SsidLength == 0 || ssid->SsidLength > SSID_MAX_LEN)
return r; /* No valid SSID inside scan data */
nr = os_realloc(r, sizeof(*r) + r->ie_len + 2 + ssid->SsidLength);
diff --git a/src/drivers/driver_nl80211.h b/src/drivers/driver_nl80211.h
index 64c4665..b5071b4 100644
--- a/src/drivers/driver_nl80211.h
+++ b/src/drivers/driver_nl80211.h
@@ -110,7 +110,7 @@
u8 bssid[ETH_ALEN];
u8 prev_bssid[ETH_ALEN];
int associated;
- u8 ssid[32];
+ u8 ssid[SSID_MAX_LEN];
size_t ssid_len;
enum nl80211_iftype nlmode;
enum nl80211_iftype ap_scan_as_station;
@@ -169,7 +169,7 @@
/* From failed authentication command */
int auth_freq;
u8 auth_bssid_[ETH_ALEN];
- u8 auth_ssid[32];
+ u8 auth_ssid[SSID_MAX_LEN];
size_t auth_ssid_len;
int auth_alg;
u8 *auth_ie;
diff --git a/src/drivers/driver_privsep.c b/src/drivers/driver_privsep.c
index de23fbd..26d2bab 100644
--- a/src/drivers/driver_privsep.c
+++ b/src/drivers/driver_privsep.c
@@ -281,14 +281,15 @@
{
struct wpa_driver_privsep_data *drv = priv;
int res, ssid_len;
- u8 reply[sizeof(int) + 32];
+ u8 reply[sizeof(int) + SSID_MAX_LEN];
size_t len = sizeof(reply);
res = wpa_priv_cmd(drv, PRIVSEP_CMD_GET_SSID, NULL, 0, reply, &len);
if (res < 0 || len < sizeof(int))
return -1;
os_memcpy(&ssid_len, reply, sizeof(int));
- if (ssid_len < 0 || ssid_len > 32 || sizeof(int) + ssid_len > len) {
+ if (ssid_len < 0 || ssid_len > SSID_MAX_LEN ||
+ sizeof(int) + ssid_len > len) {
wpa_printf(MSG_DEBUG, "privsep: Invalid get SSID reply");
return -1;
}
diff --git a/src/drivers/driver_wext.c b/src/drivers/driver_wext.c
index 22e1184..01defdf 100644
--- a/src/drivers/driver_wext.c
+++ b/src/drivers/driver_wext.c
@@ -132,7 +132,7 @@
os_memset(&iwr, 0, sizeof(iwr));
os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
iwr.u.essid.pointer = (caddr_t) ssid;
- iwr.u.essid.length = 32;
+ iwr.u.essid.length = SSID_MAX_LEN;
if (ioctl(drv->ioctl_sock, SIOCGIWESSID, &iwr) < 0) {
wpa_printf(MSG_ERROR, "ioctl[SIOCGIWESSID]: %s",
@@ -140,8 +140,8 @@
ret = -1;
} else {
ret = iwr.u.essid.length;
- if (ret > 32)
- ret = 32;
+ if (ret > SSID_MAX_LEN)
+ ret = SSID_MAX_LEN;
/* Some drivers include nul termination in the SSID, so let's
* remove it here before further processing. WE-21 changes this
* to explicitly require the length _not_ to include nul
@@ -169,7 +169,7 @@
int ret = 0;
char buf[33];
- if (ssid_len > 32)
+ if (ssid_len > SSID_MAX_LEN)
return -1;
os_memset(&iwr, 0, sizeof(iwr));
@@ -1199,7 +1199,7 @@
struct wpa_scan_res res;
u8 *ie;
size_t ie_len;
- u8 ssid[32];
+ u8 ssid[SSID_MAX_LEN];
size_t ssid_len;
int maxrate;
};
@@ -1952,7 +1952,7 @@
{
struct iwreq iwr;
const u8 null_bssid[ETH_ALEN] = { 0, 0, 0, 0, 0, 0 };
- u8 ssid[32];
+ u8 ssid[SSID_MAX_LEN];
int i;
/*
@@ -1994,9 +1994,9 @@
* SIOCSIWMLME commands (or tries to associate automatically
* after deauth/disassoc).
*/
- for (i = 0; i < 32; i++)
+ for (i = 0; i < SSID_MAX_LEN; i++)
ssid[i] = rand() & 0xFF;
- if (wpa_driver_wext_set_ssid(drv, ssid, 32) < 0) {
+ if (wpa_driver_wext_set_ssid(drv, ssid, SSID_MAX_LEN) < 0) {
wpa_printf(MSG_DEBUG, "WEXT: Failed to set bogus "
"SSID to disconnect");
}
diff --git a/src/eap_common/Makefile b/src/eap_common/Makefile
index adfd3df..f00b438 100644
--- a/src/eap_common/Makefile
+++ b/src/eap_common/Makefile
@@ -1,8 +1,31 @@
-all:
- @echo Nothing to be made.
+all: libeap_common.a
clean:
- rm -f *~ *.o *.d *.gcno *.gcda *.gcov
+ rm -f *~ *.o *.d *.gcno *.gcda *.gcov libeap_common.a
install:
@echo Nothing to be made.
+
+include ../lib.rules
+
+LIB_OBJS= \
+ chap.o \
+ eap_common.o \
+ eap_eke_common.o \
+ eap_eke_common.o \
+ eap_fast_common.o \
+ eap_gpsk_common.o \
+ eap_ikev2_common.o \
+ eap_pax_common.o \
+ eap_peap_common.o \
+ eap_psk_common.o \
+ eap_pwd_common.o \
+ eap_sake_common.o \
+ eap_sim_common.o \
+ eap_wsc_common.o \
+ ikev2_common.o
+
+libeap_common.a: $(LIB_OBJS)
+ $(AR) crT $@ $?
+
+-include $(OBJS:%.o=%.d)
diff --git a/src/eap_peer/Makefile b/src/eap_peer/Makefile
index f79519b..6531ccd 100644
--- a/src/eap_peer/Makefile
+++ b/src/eap_peer/Makefile
@@ -1,11 +1,23 @@
-all:
- @echo Nothing to be made.
+all: libeap_peer.a
clean:
- rm -f *~ *.o *.so *.d *.gcno *.gcda *.gcov
+ rm -f *~ *.o *.so *.d *.gcno *.gcda *.gcov libeap_peer.a
install:
if ls *.so >/dev/null 2>&1; then \
install -d $(DESTDIR)$(LIBDIR)/wpa_supplicant && \
cp *.so $(DESTDIR)$(LIBDIR)/wpa_supplicant \
; fi
+
+include ../lib.rules
+
+CFLAGS += -DIEEE8021X_EAPOL
+
+LIB_OBJS= \
+ eap.o \
+ eap_methods.o
+
+libeap_peer.a: $(LIB_OBJS)
+ $(AR) crT $@ $?
+
+-include $(OBJS:%.o=%.d)
diff --git a/src/eap_server/Makefile b/src/eap_server/Makefile
index adfd3df..1172b72 100644
--- a/src/eap_server/Makefile
+++ b/src/eap_server/Makefile
@@ -1,8 +1,21 @@
-all:
- @echo Nothing to be made.
+all: libeap_server.a
clean:
- rm -f *~ *.o *.d *.gcno *.gcda *.gcov
+ rm -f *~ *.o *.d *.gcno *.gcda *.gcov libeap_server.a
install:
@echo Nothing to be made.
+
+include ../lib.rules
+
+CFLAGS += -DCONFIG_HS20
+
+LIB_OBJS= \
+ eap_server.o \
+ eap_server_identity.o \
+ eap_server_methods.o
+
+libeap_server.a: $(LIB_OBJS)
+ $(AR) crT $@ $?
+
+-include $(OBJS:%.o=%.d)
diff --git a/src/eapol_auth/Makefile b/src/eapol_auth/Makefile
index adfd3df..7b927a1 100644
--- a/src/eapol_auth/Makefile
+++ b/src/eapol_auth/Makefile
@@ -1,8 +1,16 @@
-all:
- @echo Nothing to be made.
+all: libeapol_auth.a
clean:
- rm -f *~ *.o *.d *.gcno *.gcda *.gcov
+ rm -f *~ *.o *.d *.gcno *.gcda *.gcov libeapol_auth.a
install:
@echo Nothing to be made.
+
+include ../lib.rules
+
+LIB_OBJS = eapol_auth_sm.o eapol_auth_dump.o
+
+libeapol_auth.a: $(LIB_OBJS)
+ $(AR) crT $@ $?
+
+-include $(OBJS:%.o=%.d)
diff --git a/src/eapol_supp/Makefile b/src/eapol_supp/Makefile
index adfd3df..80db9d4 100644
--- a/src/eapol_supp/Makefile
+++ b/src/eapol_supp/Makefile
@@ -1,8 +1,18 @@
-all:
- @echo Nothing to be made.
+all: libeapol_supp.a
clean:
- rm -f *~ *.o *.d *.gcno *.gcda *.gcov
+ rm -f *~ *.o *.d *.gcno *.gcda *.gcov libeapol_supp.a
install:
@echo Nothing to be made.
+
+include ../lib.rules
+
+CFLAGS += -DIEEE8021X_EAPOL
+
+LIB_OBJS = eapol_supp_sm.o
+
+libeapol_supp.a: $(LIB_OBJS)
+ $(AR) crT $@ $?
+
+-include $(OBJS:%.o=%.d)
diff --git a/src/l2_packet/Makefile b/src/l2_packet/Makefile
index adfd3df..47925b7 100644
--- a/src/l2_packet/Makefile
+++ b/src/l2_packet/Makefile
@@ -1,8 +1,16 @@
-all:
- @echo Nothing to be made.
+all: libl2_packet.a
clean:
- rm -f *~ *.o *.d *.gcno *.gcda *.gcov
+ rm -f *~ *.o *.d *.gcno *.gcda *.gcov libl2_packet.a
install:
@echo Nothing to be made.
+
+include ../lib.rules
+
+LIB_OBJS = l2_packet_linux.o
+
+libl2_packet.a: $(LIB_OBJS)
+ $(AR) crT $@ $?
+
+-include $(OBJS:%.o=%.d)
diff --git a/src/p2p/Makefile b/src/p2p/Makefile
index adfd3df..5587fcf 100644
--- a/src/p2p/Makefile
+++ b/src/p2p/Makefile
@@ -1,8 +1,29 @@
-all:
- @echo Nothing to be made.
+all: libp2p.a
clean:
- rm -f *~ *.o *.d *.gcno *.gcda *.gcov
+ rm -f *~ *.o *.d *.gcno *.gcda *.gcov libp2p.a
install:
@echo Nothing to be made.
+
+include ../lib.rules
+
+CFLAGS += -DCONFIG_WIFI_DISPLAY
+CFLAGS += -DCONFIG_WPS_NFC
+
+LIB_OBJS= \
+ p2p_build.o \
+ p2p.o \
+ p2p_dev_disc.o \
+ p2p_go_neg.o \
+ p2p_group.o \
+ p2p_invitation.o \
+ p2p_parse.o \
+ p2p_pd.o \
+ p2p_sd.o \
+ p2p_utils.o
+
+libp2p.a: $(LIB_OBJS)
+ $(AR) crT $@ $?
+
+-include $(OBJS:%.o=%.d)
diff --git a/src/p2p/p2p.h b/src/p2p/p2p.h
index 2e5c3dc..da2446d 100644
--- a/src/p2p/p2p.h
+++ b/src/p2p/p2p.h
@@ -9,7 +9,8 @@
#ifndef P2P_H
#define P2P_H
-#include "wps/wps_defs.h"
+#include "common/ieee802_11_defs.h"
+#include "wps/wps.h"
/* P2P ASP Setup Capability */
#define P2PS_SETUP_NONE 0
@@ -95,7 +96,7 @@
/**
* ssid - SSID of the group
*/
- u8 ssid[32];
+ u8 ssid[SSID_MAX_LEN];
/**
* ssid_len - Length of SSID in octets
@@ -268,27 +269,27 @@
/**
* device_name - Device Name (0..32 octets encoded in UTF-8)
*/
- char device_name[33];
+ char device_name[WPS_DEV_NAME_MAX_LEN + 1];
/**
* manufacturer - Manufacturer (0..64 octets encoded in UTF-8)
*/
- char manufacturer[65];
+ char manufacturer[WPS_MANUFACTURER_MAX_LEN + 1];
/**
* model_name - Model Name (0..32 octets encoded in UTF-8)
*/
- char model_name[33];
+ char model_name[WPS_MODEL_NAME_MAX_LEN + 1];
/**
* model_number - Model Number (0..32 octets encoded in UTF-8)
*/
- char model_number[33];
+ char model_number[WPS_MODEL_NUMBER_MAX_LEN + 1];
/**
* serial_number - Serial Number (0..32 octets encoded in UTF-8)
*/
- char serial_number[33];
+ char serial_number[WPS_SERIAL_NUMBER_MAX_LEN + 1];
/**
* level - Signal level
@@ -316,7 +317,7 @@
* This list includes from 0 to 16 Secondary Device Types as indicated
* by wps_sec_dev_type_list_len (8 * number of types).
*/
- u8 wps_sec_dev_type_list[128];
+ u8 wps_sec_dev_type_list[WPS_SEC_DEV_TYPE_MAX_LEN];
/**
* wps_sec_dev_type_list_len - Length of secondary device type list
@@ -495,7 +496,7 @@
* This data will be added to the end of the SSID after the
* DIRECT-<random two octets> prefix.
*/
- u8 ssid_postfix[32 - 9];
+ u8 ssid_postfix[SSID_MAX_LEN - 9];
/**
* ssid_postfix_len - Length of the ssid_postfix data
@@ -1607,7 +1608,7 @@
/**
* ssid - Group SSID
*/
- u8 ssid[32];
+ u8 ssid[SSID_MAX_LEN];
/**
* ssid_len - Length of SSID
@@ -2214,7 +2215,7 @@
size_t oob_dev_pw_len;
int go_freq;
u8 go_dev_addr[ETH_ALEN];
- u8 go_ssid[32];
+ u8 go_ssid[SSID_MAX_LEN];
size_t go_ssid_len;
};
diff --git a/src/p2p/p2p_i.h b/src/p2p/p2p_i.h
index 6af19ce..289a62d 100644
--- a/src/p2p/p2p_i.h
+++ b/src/p2p/p2p_i.h
@@ -71,7 +71,7 @@
char country[3];
struct p2p_channels channels;
int oper_freq;
- u8 oper_ssid[32];
+ u8 oper_ssid[SSID_MAX_LEN];
size_t oper_ssid_len;
/**
@@ -322,7 +322,7 @@
/**
* ssid - Selected SSID for GO Negotiation (if local end will be GO)
*/
- u8 ssid[32];
+ u8 ssid[SSID_MAX_LEN];
/**
* ssid_len - ssid length in octets
@@ -403,7 +403,7 @@
enum p2p_invite_role inv_role;
u8 inv_bssid[ETH_ALEN];
int inv_bssid_set;
- u8 inv_ssid[32];
+ u8 inv_ssid[SSID_MAX_LEN];
size_t inv_ssid_len;
u8 inv_sa[ETH_ALEN];
u8 inv_group_bssid[ETH_ALEN];
@@ -578,7 +578,7 @@
const u8 *p2p_device_addr;
const u8 *pri_dev_type;
u8 num_sec_dev_types;
- char device_name[33];
+ char device_name[WPS_DEV_NAME_MAX_LEN + 1];
u16 config_methods;
/* WPS IE */
diff --git a/src/p2p/p2p_invitation.c b/src/p2p/p2p_invitation.c
index 558c6dd..44a6bbf 100644
--- a/src/p2p/p2p_invitation.c
+++ b/src/p2p/p2p_invitation.c
@@ -387,7 +387,7 @@
} else
p2p->inv_group_bssid_ptr = NULL;
if (msg.group_id) {
- if (msg.group_id_len - ETH_ALEN <= 32) {
+ if (msg.group_id_len - ETH_ALEN <= SSID_MAX_LEN) {
os_memcpy(p2p->inv_ssid, msg.group_id + ETH_ALEN,
msg.group_id_len - ETH_ALEN);
p2p->inv_ssid_len = msg.group_id_len - ETH_ALEN;
diff --git a/src/p2p/p2p_parse.c b/src/p2p/p2p_parse.c
index fd6a461..980dddf 100644
--- a/src/p2p/p2p_parse.c
+++ b/src/p2p/p2p_parse.c
@@ -149,7 +149,8 @@
pos += 2;
nlen = WPA_GET_BE16(pos);
pos += 2;
- if (data + len - pos < (int) nlen || nlen > 32) {
+ if (data + len - pos < (int) nlen ||
+ nlen > WPS_DEV_NAME_MAX_LEN) {
wpa_printf(MSG_DEBUG, "P2P: Invalid Device Name "
"length %d (buf len %d)", (int) nlen,
(int) (data + len - pos));
@@ -160,8 +161,7 @@
for (i = 0; i < nlen; i++) {
if (msg->device_name[i] == '\0')
break;
- if (msg->device_name[i] > 0 &&
- msg->device_name[i] < 32)
+ if (is_ctrl_char(msg->device_name[i]))
msg->device_name[i] = '_';
}
wpa_printf(MSG_DEBUG, "P2P: * Device Info: addr " MACSTR
@@ -203,7 +203,7 @@
MAC2STR(msg->group_bssid));
break;
case P2P_ATTR_GROUP_ID:
- if (len < ETH_ALEN || len > ETH_ALEN + 32) {
+ if (len < ETH_ALEN || len > ETH_ALEN + SSID_MAX_LEN) {
wpa_printf(MSG_DEBUG, "P2P: Invalid P2P Group ID "
"attribute length %d", len);
return -1;
@@ -371,9 +371,9 @@
break;
case P2P_ATTR_PERSISTENT_GROUP:
{
- if (len < ETH_ALEN) {
+ if (len < ETH_ALEN || len > ETH_ALEN + SSID_MAX_LEN) {
wpa_printf(MSG_DEBUG,
- "P2P: Too short Persistent Group Info (length %u)",
+ "P2P: Invalid Persistent Group Info (length %u)",
len);
return -1;
}
@@ -516,7 +516,7 @@
struct ieee802_11_elems elems;
ieee802_11_parse_elems(data, len, &elems, 0);
- if (elems.ds_params && elems.ds_params_len >= 1)
+ if (elems.ds_params)
msg->ds_params = elems.ds_params;
if (elems.ssid)
msg->ssid = elems.ssid - 2;
@@ -674,8 +674,8 @@
t += 2;
if (count > cend - t)
return -1; /* invalid Device Name TLV */
- if (count >= 32)
- count = 32;
+ if (count >= WPS_DEV_NAME_MAX_LEN)
+ count = WPS_DEV_NAME_MAX_LEN;
cli->dev_name = (const char *) t;
cli->dev_name_len = count;
@@ -703,7 +703,7 @@
for (i = 0; i < info.num_clients; i++) {
struct p2p_client_info *cli;
- char name[33];
+ char name[WPS_DEV_NAME_MAX_LEN + 1];
char devtype[WPS_DEV_TYPE_BUFSIZE];
u8 s;
int count;
@@ -742,7 +742,7 @@
name[cli->dev_name_len] = '\0';
count = (int) cli->dev_name_len - 1;
while (count >= 0) {
- if (name[count] > 0 && name[count] < 32)
+ if (is_ctrl_char(name[count]))
name[count] = '_';
count--;
}
diff --git a/src/p2p/p2p_pd.c b/src/p2p/p2p_pd.c
index 328b1e0..bc84269 100644
--- a/src/p2p/p2p_pd.c
+++ b/src/p2p/p2p_pd.c
@@ -44,7 +44,7 @@
{
int found;
u8 intended_addr[ETH_ALEN];
- u8 ssid[32];
+ u8 ssid[SSID_MAX_LEN];
size_t ssid_len;
int group_iface;
@@ -84,7 +84,7 @@
struct p2ps_provision *prov = p2p->p2ps_prov;
u8 feat_cap_mask[] = { 1, 0 };
int shared_group = 0;
- u8 ssid[32];
+ u8 ssid[SSID_MAX_LEN];
size_t ssid_len;
u8 go_dev_addr[ETH_ALEN];
@@ -293,7 +293,7 @@
if (persist_ssid && p2p->cfg->get_persistent_group &&
(status == P2P_SC_SUCCESS ||
status == P2P_SC_SUCCESS_DEFERRED)) {
- u8 ssid[32];
+ u8 ssid[SSID_MAX_LEN];
size_t ssid_len;
u8 go_dev_addr[ETH_ALEN];
diff --git a/src/radius/Makefile b/src/radius/Makefile
index b5d063d..3ad4751 100644
--- a/src/radius/Makefile
+++ b/src/radius/Makefile
@@ -14,6 +14,7 @@
LIB_OBJS= \
radius.o \
radius_client.o \
+ radius_das.o \
radius_server.o
libradius.a: $(LIB_OBJS)
diff --git a/src/rsn_supp/Makefile b/src/rsn_supp/Makefile
index adfd3df..d5e61fe 100644
--- a/src/rsn_supp/Makefile
+++ b/src/rsn_supp/Makefile
@@ -1,8 +1,30 @@
-all:
- @echo Nothing to be made.
+all: librsn_supp.a
clean:
- rm -f *~ *.o *.d *.gcno *.gcda *.gcov
+ rm -f *~ *.o *.d *.gcno *.gcda *.gcov librsn_supp.a
install:
@echo Nothing to be made.
+
+include ../lib.rules
+
+CFLAGS += -DCONFIG_IEEE80211W
+CFLAGS += -DCONFIG_IEEE80211R
+CFLAGS += -DCONFIG_PEERKEY
+CFLAGS += -DCONFIG_TDLS
+CFLAGS += -DCONFIG_WNM
+CFLAGS += -DIEEE8021X_EAPOL
+
+LIB_OBJS= \
+ pmksa_cache.o \
+ wpa_ft.o \
+ peerkey.o \
+ tdls.o \
+ preauth.o \
+ wpa.o \
+ wpa_ie.o
+
+librsn_supp.a: $(LIB_OBJS)
+ $(AR) crT $@ $?
+
+-include $(OBJS:%.o=%.d)
diff --git a/src/rsn_supp/tdls.c b/src/rsn_supp/tdls.c
index c1d7749..6b1df71 100644
--- a/src/rsn_supp/tdls.c
+++ b/src/rsn_supp/tdls.c
@@ -1577,9 +1577,7 @@
static int copy_peer_ht_capab(const struct wpa_eapol_ie_parse *kde,
struct wpa_tdls_peer *peer)
{
- if (!kde->ht_capabilities ||
- kde->ht_capabilities_len <
- sizeof(struct ieee80211_ht_capabilities) ) {
+ if (!kde->ht_capabilities) {
wpa_printf(MSG_DEBUG, "TDLS: No supported ht capabilities "
"received");
return 0;
@@ -1605,9 +1603,7 @@
static int copy_peer_vht_capab(const struct wpa_eapol_ie_parse *kde,
struct wpa_tdls_peer *peer)
{
- if (!kde->vht_capabilities ||
- kde->vht_capabilities_len <
- sizeof(struct ieee80211_vht_capabilities) ) {
+ if (!kde->vht_capabilities) {
wpa_printf(MSG_DEBUG, "TDLS: No supported vht capabilities "
"received");
return 0;
diff --git a/src/rsn_supp/wpa_ie.c b/src/rsn_supp/wpa_ie.c
index 0d96216..0c37b35 100644
--- a/src/rsn_supp/wpa_ie.c
+++ b/src/rsn_supp/wpa_ie.c
@@ -511,12 +511,14 @@
ie->rsn_ie_len = pos[1] + 2;
wpa_hexdump(MSG_DEBUG, "WPA: RSN IE in EAPOL-Key",
ie->rsn_ie, ie->rsn_ie_len);
- } else if (*pos == WLAN_EID_MOBILITY_DOMAIN) {
+ } else if (*pos == WLAN_EID_MOBILITY_DOMAIN &&
+ pos[1] >= sizeof(struct rsn_mdie)) {
ie->mdie = pos;
ie->mdie_len = pos[1] + 2;
wpa_hexdump(MSG_DEBUG, "WPA: MDIE in EAPOL-Key",
ie->mdie, ie->mdie_len);
- } else if (*pos == WLAN_EID_FAST_BSS_TRANSITION) {
+ } else if (*pos == WLAN_EID_FAST_BSS_TRANSITION &&
+ pos[1] >= sizeof(struct rsn_ftie)) {
ie->ftie = pos;
ie->ftie_len = pos[1] + 2;
wpa_hexdump(MSG_DEBUG, "WPA: FTIE in EAPOL-Key",
@@ -551,15 +553,16 @@
} else if (*pos == WLAN_EID_EXT_SUPP_RATES) {
ie->ext_supp_rates = pos;
ie->ext_supp_rates_len = pos[1] + 2;
- } else if (*pos == WLAN_EID_HT_CAP) {
+ } else if (*pos == WLAN_EID_HT_CAP &&
+ pos[1] >= sizeof(struct ieee80211_ht_capabilities)) {
ie->ht_capabilities = pos + 2;
- ie->ht_capabilities_len = pos[1];
} else if (*pos == WLAN_EID_VHT_AID) {
if (pos[1] >= 2)
ie->aid = WPA_GET_LE16(pos + 2) & 0x3fff;
- } else if (*pos == WLAN_EID_VHT_CAP) {
+ } else if (*pos == WLAN_EID_VHT_CAP &&
+ pos[1] >= sizeof(struct ieee80211_vht_capabilities))
+ {
ie->vht_capabilities = pos + 2;
- ie->vht_capabilities_len = pos[1];
} else if (*pos == WLAN_EID_QOS && pos[1] >= 1) {
ie->qosinfo = pos[2];
} else if (*pos == WLAN_EID_SUPPORTED_CHANNELS) {
diff --git a/src/rsn_supp/wpa_ie.h b/src/rsn_supp/wpa_ie.h
index 0fc42cc..fe95af0 100644
--- a/src/rsn_supp/wpa_ie.h
+++ b/src/rsn_supp/wpa_ie.h
@@ -50,9 +50,7 @@
const u8 *ext_supp_rates;
size_t ext_supp_rates_len;
const u8 *ht_capabilities;
- size_t ht_capabilities_len;
const u8 *vht_capabilities;
- size_t vht_capabilities_len;
const u8 *supp_channels;
size_t supp_channels_len;
const u8 *supp_oper_classes;
diff --git a/src/utils/common.c b/src/utils/common.c
index 0bdc38d..5cf0d57 100644
--- a/src/utils/common.c
+++ b/src/utils/common.c
@@ -8,6 +8,7 @@
#include "includes.h"
+#include "common/ieee802_11_defs.h"
#include "common.h"
@@ -609,7 +610,7 @@
*/
const char * wpa_ssid_txt(const u8 *ssid, size_t ssid_len)
{
- static char ssid_txt[32 * 4 + 1];
+ static char ssid_txt[SSID_MAX_LEN * 4 + 1];
if (ssid == NULL) {
ssid_txt[0] = '\0';
@@ -1087,3 +1088,9 @@
return res_size;
}
+
+
+int is_ctrl_char(char c)
+{
+ return c > 0 && c < 32;
+}
diff --git a/src/utils/common.h b/src/utils/common.h
index a0eda4a..88318f5 100644
--- a/src/utils/common.h
+++ b/src/utils/common.h
@@ -554,6 +554,7 @@
char *outp, size_t out_size);
size_t utf8_unescape(const char *inp, size_t in_size,
char *outp, size_t out_size);
+int is_ctrl_char(char c);
/*
diff --git a/src/utils/utils_module_tests.c b/src/utils/utils_module_tests.c
index 4b97dad..b2c7e08 100644
--- a/src/utils/utils_module_tests.c
+++ b/src/utils/utils_module_tests.c
@@ -9,6 +9,7 @@
#include "utils/includes.h"
#include "utils/common.h"
+#include "common/ieee802_11_defs.h"
#include "utils/bitfield.h"
#include "utils/ext_password.h"
#include "utils/trace.h"
@@ -340,6 +341,9 @@
u8 bin[3];
int errors = 0;
struct wpa_freq_range_list ranges;
+ size_t len;
+ const char *txt;
+ u8 ssid[255];
wpa_printf(MSG_INFO, "common tests");
@@ -395,6 +399,16 @@
if (utf8_escape("a", 0, buf, sizeof(buf)) != 1 || buf[0] != 'a')
errors++;
+ os_memset(ssid, 0, sizeof(ssid));
+ txt = wpa_ssid_txt(ssid, sizeof(ssid));
+ len = os_strlen(txt);
+ /* Verify that SSID_MAX_LEN * 4 buffer limit is enforced. */
+ if (len != SSID_MAX_LEN * 4) {
+ wpa_printf(MSG_ERROR,
+ "Unexpected wpa_ssid_txt() result with too long SSID");
+ errors++;
+ }
+
if (errors) {
wpa_printf(MSG_ERROR, "%d common test(s) failed", errors);
return -1;
diff --git a/src/wps/Makefile b/src/wps/Makefile
index adfd3df..4806fe8 100644
--- a/src/wps/Makefile
+++ b/src/wps/Makefile
@@ -1,8 +1,41 @@
-all:
- @echo Nothing to be made.
+all: libwps.a
clean:
- rm -f *~ *.o *.d *.gcno *.gcda *.gcov
+ rm -f *~ *.o *.d *.gcno *.gcda *.gcov libwps.a
install:
@echo Nothing to be made.
+
+include ../lib.rules
+
+CFLAGS += -DCONFIG_P2P
+CFLAGS += -DCONFIG_WPS_OOB
+CFLAGS += -DCONFIG_WPS_NFC
+
+LIB_OBJS= \
+ http_client.o \
+ httpread.o \
+ http_server.o \
+ ndef.o \
+ upnp_xml.o \
+ wps_attr_build.o \
+ wps_attr_parse.o \
+ wps_attr_process.o \
+ wps.o \
+ wps_common.o \
+ wps_dev_attr.o \
+ wps_enrollee.o \
+ wps_er.o \
+ wps_er_ssdp.o \
+ wps_module_tests.o \
+ wps_registrar.o \
+ wps_upnp_ap.o \
+ wps_upnp.o \
+ wps_upnp_event.o \
+ wps_upnp_ssdp.o \
+ wps_upnp_web.o
+
+libwps.a: $(LIB_OBJS)
+ $(AR) crT $@ $?
+
+-include $(OBJS:%.o=%.d)
diff --git a/src/wps/wps.c b/src/wps/wps.c
index 2c68be8..498f11f 100644
--- a/src/wps/wps.c
+++ b/src/wps/wps.c
@@ -618,7 +618,8 @@
if (str == NULL)
return pos - buf;
for (i = 0; i < attr.dev_name_len; i++) {
- if (attr.dev_name[i] < 32)
+ if (attr.dev_name[i] == 0 ||
+ is_ctrl_char(attr.dev_name[i]))
str[i] = '_';
else
str[i] = attr.dev_name[i];
diff --git a/src/wps/wps.h b/src/wps/wps.h
index 0a7f65d..c88aaa4 100644
--- a/src/wps/wps.h
+++ b/src/wps/wps.h
@@ -9,6 +9,7 @@
#ifndef WPS_H
#define WPS_H
+#include "common/ieee802_11_defs.h"
#include "wps_defs.h"
/**
@@ -44,7 +45,7 @@
* @cred_attr_len: Length of cred_attr in octets
*/
struct wps_credential {
- u8 ssid[32];
+ u8 ssid[SSID_MAX_LEN];
size_t ssid_len;
u16 auth_type;
u16 encr_type;
@@ -623,7 +624,7 @@
* Credentials. In addition, AP uses it when acting as an Enrollee to
* notify Registrar of the current configuration.
*/
- u8 ssid[32];
+ u8 ssid[SSID_MAX_LEN];
/**
* ssid_len - Length of ssid in octets
diff --git a/src/wps/wps_attr_parse.c b/src/wps/wps_attr_parse.c
index 40bc1ad..11a967b 100644
--- a/src/wps/wps_attr_parse.c
+++ b/src/wps/wps_attr_parse.c
@@ -447,25 +447,55 @@
break;
case ATTR_MANUFACTURER:
attr->manufacturer = pos;
- attr->manufacturer_len = len;
+ if (len > WPS_MANUFACTURER_MAX_LEN)
+ attr->manufacturer_len = WPS_MANUFACTURER_MAX_LEN;
+ else
+ attr->manufacturer_len = len;
break;
case ATTR_MODEL_NAME:
attr->model_name = pos;
- attr->model_name_len = len;
+ if (len > WPS_MODEL_NAME_MAX_LEN)
+ attr->model_name_len = WPS_MODEL_NAME_MAX_LEN;
+ else
+ attr->model_name_len = len;
break;
case ATTR_MODEL_NUMBER:
attr->model_number = pos;
- attr->model_number_len = len;
+ if (len > WPS_MODEL_NUMBER_MAX_LEN)
+ attr->model_number_len = WPS_MODEL_NUMBER_MAX_LEN;
+ else
+ attr->model_number_len = len;
break;
case ATTR_SERIAL_NUMBER:
attr->serial_number = pos;
- attr->serial_number_len = len;
+ if (len > WPS_SERIAL_NUMBER_MAX_LEN)
+ attr->serial_number_len = WPS_SERIAL_NUMBER_MAX_LEN;
+ else
+ attr->serial_number_len = len;
break;
case ATTR_DEV_NAME:
+ if (len > WPS_DEV_NAME_MAX_LEN) {
+ wpa_printf(MSG_DEBUG,
+ "WPS: Ignore too long Device Name (len=%u)",
+ len);
+ break;
+ }
attr->dev_name = pos;
attr->dev_name_len = len;
break;
case ATTR_PUBLIC_KEY:
+ /*
+ * The Public Key attribute is supposed to be exactly 192 bytes
+ * in length. Allow couple of bytes shorter one to try to
+ * interoperate with implementations that do not use proper
+ * zero-padding.
+ */
+ if (len < 190 || len > 192) {
+ wpa_printf(MSG_DEBUG,
+ "WPS: Ignore Public Key with unexpected length %u",
+ len);
+ break;
+ }
attr->public_key = pos;
attr->public_key_len = len;
break;
@@ -485,6 +515,11 @@
attr->num_cred++;
break;
case ATTR_SSID:
+ if (len > SSID_MAX_LEN) {
+ wpa_printf(MSG_DEBUG,
+ "WPS: Ignore too long SSID (len=%u)", len);
+ break;
+ }
attr->ssid = pos;
attr->ssid_len = len;
break;
diff --git a/src/wps/wps_defs.h b/src/wps/wps_defs.h
index 25cd14a..4334155 100644
--- a/src/wps/wps_defs.h
+++ b/src/wps/wps_defs.h
@@ -41,6 +41,11 @@
#define WPS_OOB_DEVICE_PASSWORD_MIN_LEN 16
#define WPS_OOB_DEVICE_PASSWORD_LEN 32
#define WPS_OOB_PUBKEY_HASH_LEN 20
+#define WPS_DEV_NAME_MAX_LEN 32
+#define WPS_MANUFACTURER_MAX_LEN 64
+#define WPS_MODEL_NAME_MAX_LEN 32
+#define WPS_MODEL_NUMBER_MAX_LEN 32
+#define WPS_SERIAL_NUMBER_MAX_LEN 32
/* Attribute Types */
enum wps_attribute {
diff --git a/wpa_supplicant/bss.c b/wpa_supplicant/bss.c
index b4c47e2..46ed5aa 100644
--- a/wpa_supplicant/bss.c
+++ b/wpa_supplicant/bss.c
@@ -652,7 +652,7 @@
MACSTR, MAC2STR(res->bssid));
return;
}
- if (ssid[1] > 32) {
+ if (ssid[1] > SSID_MAX_LEN) {
wpa_dbg(wpa_s, MSG_DEBUG, "BSS: Too long SSID IE included for "
MACSTR, MAC2STR(res->bssid));
return;
@@ -679,7 +679,7 @@
* (to save memory) */
mesh = wpa_scan_get_ie(res, WLAN_EID_MESH_ID);
- if (mesh && mesh[1] <= 32)
+ if (mesh && mesh[1] <= SSID_MAX_LEN)
ssid = mesh;
bss = wpa_bss_get(wpa_s, res->bssid, ssid + 2, ssid[1]);
diff --git a/wpa_supplicant/bss.h b/wpa_supplicant/bss.h
index 634aa3c..b215380 100644
--- a/wpa_supplicant/bss.h
+++ b/wpa_supplicant/bss.h
@@ -69,7 +69,7 @@
/** HESSID */
u8 hessid[ETH_ALEN];
/** SSID */
- u8 ssid[32];
+ u8 ssid[SSID_MAX_LEN];
/** Length of SSID */
size_t ssid_len;
/** Frequency of the channel in MHz (e.g., 2412 = channel 1) */
diff --git a/wpa_supplicant/config.c b/wpa_supplicant/config.c
index fb539cc..e1f4883 100644
--- a/wpa_supplicant/config.c
+++ b/wpa_supplicant/config.c
@@ -1814,7 +1814,7 @@
* functions.
*/
static const struct parse_data ssid_fields[] = {
- { STR_RANGE(ssid, 0, MAX_SSID_LEN) },
+ { STR_RANGE(ssid, 0, SSID_MAX_LEN) },
{ INT_RANGE(scan_ssid, 0, 1) },
{ FUNC(bssid) },
{ FUNC(bssid_blacklist) },
@@ -2956,7 +2956,7 @@
if (os_strcmp(var, "excluded_ssid") == 0) {
struct excluded_ssid *e;
- if (len > MAX_SSID_LEN) {
+ if (len > SSID_MAX_LEN) {
wpa_printf(MSG_ERROR, "Line %d: invalid "
"excluded_ssid length %d", line, (int) len);
os_free(val);
@@ -4141,7 +4141,8 @@
{ FUNC_NO_VAR(load_dynamic_eap), 0 },
#ifdef CONFIG_WPS
{ FUNC(uuid), CFG_CHANGED_UUID },
- { STR_RANGE(device_name, 0, 32), CFG_CHANGED_DEVICE_NAME },
+ { STR_RANGE(device_name, 0, WPS_DEV_NAME_MAX_LEN),
+ CFG_CHANGED_DEVICE_NAME },
{ STR_RANGE(manufacturer, 0, 64), CFG_CHANGED_WPS_STRING },
{ STR_RANGE(model_name, 0, 32), CFG_CHANGED_WPS_STRING },
{ STR_RANGE(model_number, 0, 32), CFG_CHANGED_WPS_STRING },
diff --git a/wpa_supplicant/config.h b/wpa_supplicant/config.h
index 34b754e..16681fd 100644
--- a/wpa_supplicant/config.h
+++ b/wpa_supplicant/config.h
@@ -37,6 +37,7 @@
#include "config_ssid.h"
#include "wps/wps.h"
+#include "common/ieee802_11_defs.h"
#include "common/ieee802_11_common.h"
@@ -241,7 +242,7 @@
char *phase2;
struct excluded_ssid {
- u8 ssid[MAX_SSID_LEN];
+ u8 ssid[SSID_MAX_LEN];
size_t ssid_len;
} *excluded_ssid;
size_t num_excluded_ssid;
diff --git a/wpa_supplicant/config_ssid.h b/wpa_supplicant/config_ssid.h
index 23a37cc..dbb5a47 100644
--- a/wpa_supplicant/config_ssid.h
+++ b/wpa_supplicant/config_ssid.h
@@ -13,8 +13,6 @@
#include "utils/list.h"
#include "eap_peer/eap_config.h"
-#define MAX_SSID_LEN 32
-
#define DEFAULT_EAP_WORKAROUND ((unsigned int) -1)
#define DEFAULT_EAPOL_FLAGS (EAPOL_FLAG_REQUIRE_KEY_UNICAST | \
diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c
index d48ac8a..a6aafee 100644
--- a/wpa_supplicant/ctrl_iface.c
+++ b/wpa_supplicant/ctrl_iface.c
@@ -153,7 +153,8 @@
}
ssid = ns;
- if ((end - pos) & 0x01 || end - pos > 2 * 32 ||
+ if ((end - pos) & 0x01 ||
+ end - pos > 2 * SSID_MAX_LEN ||
hexstr2bin(pos, ssid[ssid_count].ssid,
(end - pos) / 2) < 0) {
os_free(ssid);
@@ -1728,7 +1729,7 @@
if (ssid) {
u8 *_ssid = ssid->ssid;
size_t ssid_len = ssid->ssid_len;
- u8 ssid_buf[MAX_SSID_LEN];
+ u8 ssid_buf[SSID_MAX_LEN];
if (ssid_len == 0) {
int _res = wpa_drv_get_ssid(wpa_s, ssid_buf);
if (_res < 0)
@@ -7706,7 +7707,7 @@
if (os_strncmp(cmd, " ssid=", 6) == 0) {
ssid.ssid_len = os_strlen(cmd + 6);
- if (ssid.ssid_len > 32)
+ if (ssid.ssid_len > SSID_MAX_LEN)
return -1;
ssid.ssid = (u8 *) (cmd + 6);
ssid_p = &ssid;
diff --git a/wpa_supplicant/dbus/dbus_new_handlers.c b/wpa_supplicant/dbus/dbus_new_handlers.c
index 66ee32f..d695d1b 100644
--- a/wpa_supplicant/dbus/dbus_new_handlers.c
+++ b/wpa_supplicant/dbus/dbus_new_handlers.c
@@ -1034,10 +1034,10 @@
dbus_message_iter_get_fixed_array(&sub_array_iter, &val, &len);
- if (len > MAX_SSID_LEN) {
+ if (len > SSID_MAX_LEN) {
wpa_printf(MSG_DEBUG,
"%s[dbus]: SSID too long (len=%d max_len=%d)",
- __func__, len, MAX_SSID_LEN);
+ __func__, len, SSID_MAX_LEN);
*reply = wpas_dbus_error_invalid_args(
message, "Invalid SSID: too long");
return -1;
diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c
index fc70035..49faadc 100644
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
@@ -158,7 +158,7 @@
static int wpa_supplicant_select_config(struct wpa_supplicant *wpa_s)
{
struct wpa_ssid *ssid, *old_ssid;
- u8 drv_ssid[MAX_SSID_LEN];
+ u8 drv_ssid[SSID_MAX_LEN];
size_t drv_ssid_len;
int res;
diff --git a/wpa_supplicant/hs20_supplicant.c b/wpa_supplicant/hs20_supplicant.c
index b9cd681..98af530 100644
--- a/wpa_supplicant/hs20_supplicant.c
+++ b/wpa_supplicant/hs20_supplicant.c
@@ -46,7 +46,7 @@
struct osu_provider {
u8 bssid[ETH_ALEN];
- u8 osu_ssid[32];
+ u8 osu_ssid[SSID_MAX_LEN];
u8 osu_ssid_len;
char server_uri[256];
u32 osu_methods; /* bit 0 = OMA-DM, bit 1 = SOAP-XML SPP */
@@ -822,7 +822,7 @@
continue;
}
osu_ssid_len = *pos++;
- if (osu_ssid_len > 32) {
+ if (osu_ssid_len > SSID_MAX_LEN) {
wpa_printf(MSG_DEBUG, "HS 2.0: Invalid OSU SSID "
"Length %u", osu_ssid_len);
continue;
diff --git a/wpa_supplicant/mesh.c b/wpa_supplicant/mesh.c
index 33b4af3..ca012e2 100644
--- a/wpa_supplicant/mesh.c
+++ b/wpa_supplicant/mesh.c
@@ -453,22 +453,23 @@
ret = os_snprintf(pos, end - pos, "bss_basic_rate_set=%d",
bss_basic_rate_set[0]);
if (os_snprintf_error(end - pos, ret))
- return pos - buf;
+ goto fail;
pos += ret;
for (i = 1; i < bss_basic_rate_set_len; i++) {
ret = os_snprintf(pos, end - pos, " %d",
bss_basic_rate_set[i]);
if (os_snprintf_error(end - pos, ret))
- return pos - buf;
+ goto fail;
pos += ret;
}
ret = os_snprintf(pos, end - pos, "\n");
if (os_snprintf_error(end - pos, ret))
- return pos - buf;
+ goto fail;
pos += ret;
}
+fail:
os_free(bss_basic_rate_set);
return pos - buf;
diff --git a/wpa_supplicant/mesh_mpm.c b/wpa_supplicant/mesh_mpm.c
index 1d6f2be..b29b5ff 100644
--- a/wpa_supplicant/mesh_mpm.c
+++ b/wpa_supplicant/mesh_mpm.c
@@ -551,8 +551,7 @@
mesh_mpm_init_link(wpa_s, sta);
#ifdef CONFIG_IEEE80211N
- copy_sta_ht_capab(data, sta, elems->ht_capabilities,
- elems->ht_capabilities_len);
+ copy_sta_ht_capab(data, sta, elems->ht_capabilities);
update_ht_state(data, sta);
#endif /* CONFIG_IEEE80211N */
diff --git a/wpa_supplicant/wpa_cli.c b/wpa_supplicant/wpa_cli.c
index 5fe4618..9fbc532 100644
--- a/wpa_supplicant/wpa_cli.c
+++ b/wpa_supplicant/wpa_cli.c
@@ -967,12 +967,12 @@
res = os_snprintf(cmd, sizeof(cmd), "WPS_REG %s %s",
argv[0], argv[1]);
else if (argc == 5 || argc == 6) {
- char ssid_hex[2 * 32 + 1];
+ char ssid_hex[2 * SSID_MAX_LEN + 1];
char key_hex[2 * 64 + 1];
int i;
ssid_hex[0] = '\0';
- for (i = 0; i < 32; i++) {
+ for (i = 0; i < SSID_MAX_LEN; i++) {
if (argv[2][i] == '\0')
break;
os_snprintf(&ssid_hex[i * 2], 3, "%02x", argv[2][i]);
@@ -1096,12 +1096,12 @@
int res;
if (argc == 5 || argc == 6) {
- char ssid_hex[2 * 32 + 1];
+ char ssid_hex[2 * SSID_MAX_LEN + 1];
char key_hex[2 * 64 + 1];
int i;
ssid_hex[0] = '\0';
- for (i = 0; i < 32; i++) {
+ for (i = 0; i < SSID_MAX_LEN; i++) {
if (argv[2][i] == '\0')
break;
os_snprintf(&ssid_hex[i * 2], 3, "%02x", argv[2][i]);
diff --git a/wpa_supplicant/wpa_priv.c b/wpa_supplicant/wpa_priv.c
index ac38d69..6bd60b9 100644
--- a/wpa_supplicant/wpa_priv.c
+++ b/wpa_supplicant/wpa_priv.c
@@ -199,7 +199,7 @@
if (bssid[0] | bssid[1] | bssid[2] | bssid[3] | bssid[4] | bssid[5])
params.bssid = bssid;
params.ssid = assoc->ssid;
- if (assoc->ssid_len > 32)
+ if (assoc->ssid_len > SSID_MAX_LEN)
return;
params.ssid_len = assoc->ssid_len;
params.freq.mode = assoc->hwmode;
@@ -244,7 +244,7 @@
static void wpa_priv_cmd_get_ssid(struct wpa_priv_interface *iface,
struct sockaddr_un *from)
{
- u8 ssid[sizeof(int) + 32];
+ u8 ssid[sizeof(int) + SSID_MAX_LEN];
int res;
if (iface->drv_priv == NULL)
@@ -254,7 +254,7 @@
goto fail;
res = iface->driver->get_ssid(iface->drv_priv, &ssid[sizeof(int)]);
- if (res < 0 || res > 32)
+ if (res < 0 || res > SSID_MAX_LEN)
goto fail;
os_memcpy(ssid, &res, sizeof(int));
diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c
index 2ba9c38..b96fd8e 100644
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -2872,7 +2872,7 @@
struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
{
struct wpa_ssid *entry;
- u8 ssid[MAX_SSID_LEN];
+ u8 ssid[SSID_MAX_LEN];
int res;
size_t ssid_len;
u8 bssid[ETH_ALEN];
diff --git a/wpa_supplicant/wpa_supplicant_i.h b/wpa_supplicant/wpa_supplicant_i.h
index 2d517f1..1b9753c 100644
--- a/wpa_supplicant/wpa_supplicant_i.h
+++ b/wpa_supplicant/wpa_supplicant_i.h
@@ -369,7 +369,7 @@
};
struct wpa_ssid_value {
- u8 ssid[32];
+ u8 ssid[SSID_MAX_LEN];
size_t ssid_len;
};
@@ -662,7 +662,7 @@
#ifdef CONFIG_SME
struct {
- u8 ssid[32];
+ u8 ssid[SSID_MAX_LEN];
size_t ssid_len;
int freq;
u8 assoc_req_ie[200];
@@ -768,7 +768,7 @@
u8 pending_join_iface_addr[ETH_ALEN];
u8 pending_join_dev_addr[ETH_ALEN];
int pending_join_wps_method;
- u8 p2p_join_ssid[32];
+ u8 p2p_join_ssid[SSID_MAX_LEN];
size_t p2p_join_ssid_len;
int p2p_join_scan_count;
int auto_pd_scan_retry;
diff --git a/wpa_supplicant/wps_supplicant.c b/wpa_supplicant/wps_supplicant.c
index eabe986..52594a1 100644
--- a/wpa_supplicant/wps_supplicant.c
+++ b/wpa_supplicant/wps_supplicant.c
@@ -1910,7 +1910,7 @@
struct wps_credential *cred)
{
os_memset(cred, 0, sizeof(*cred));
- if (ssid->ssid_len > 32)
+ if (ssid->ssid_len > SSID_MAX_LEN)
return -1;
os_memcpy(cred->ssid, ssid->ssid, ssid->ssid_len);
cred->ssid_len = ssid->ssid_len;