Cumulative patch from commit 20ff2642e192437245422c9654463bcebf65b277
20ff264 WPS: Clear WPS data on init failure
f19e370 WPS: Do not advertise WPA/WPA2-Enterprise Auth Type Flags
1b5df9e nl80211: Do not indicate scan started event on scan_for_auth
bb23826 HS 2.0R2: Clean up debug log during exit path
48408fc HS 2.0R2: Do not mandate OCSP response for EST operations
8f60293 HS 2.0R2: Do not use OSU cert validation for EST
40bdcea HS 2.0R2: Configure OSU client trust root more consistently
4d65ded HS 2.0R2: Clean up debug from libcurl
Change-Id: I44aa20ac92abf03ea7b47f1ecad72dc07a0870d9
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
diff --git a/src/ap/wps_hostapd.c b/src/ap/wps_hostapd.c
index 3a40125..62cd03c 100644
--- a/src/ap/wps_hostapd.c
+++ b/src/ap/wps_hostapd.c
@@ -40,6 +40,7 @@
const u8 *ie, size_t ie_len,
int ssi_signal);
static void hostapd_wps_ap_pin_timeout(void *eloop_data, void *user_ctx);
+static void hostapd_wps_nfc_clear(struct wps_context *wps);
struct wps_for_each_data {
@@ -897,7 +898,7 @@
}
-static void hostapd_wps_clear_ies(struct hostapd_data *hapd)
+static void hostapd_wps_clear_ies(struct hostapd_data *hapd, int deinit_only)
{
wpabuf_free(hapd->wps_beacon_ie);
hapd->wps_beacon_ie = NULL;
@@ -905,6 +906,9 @@
wpabuf_free(hapd->wps_probe_resp_ie);
hapd->wps_probe_resp_ie = NULL;
+ if (deinit_only)
+ return;
+
hostapd_set_ap_wps_ie(hapd);
}
@@ -987,6 +991,21 @@
}
+static void hostapd_free_wps(struct wps_context *wps)
+{
+ int i;
+
+ for (i = 0; i < MAX_WPS_VENDOR_EXTENSIONS; i++)
+ wpabuf_free(wps->dev.vendor_ext[i]);
+ wps_device_data_free(&wps->dev);
+ os_free(wps->network_key);
+ hostapd_wps_nfc_clear(wps);
+ wpabuf_free(wps->dh_pubkey);
+ wpabuf_free(wps->dh_privkey);
+ os_free(wps);
+}
+
+
int hostapd_init_wps(struct hostapd_data *hapd,
struct hostapd_bss_config *conf)
{
@@ -994,7 +1013,7 @@
struct wps_registrar_config cfg;
if (conf->wps_state == 0) {
- hostapd_wps_clear_ies(hapd);
+ hostapd_wps_clear_ies(hapd, 0);
return 0;
}
@@ -1062,10 +1081,8 @@
os_memcpy(wps->dev.pri_dev_type, hapd->conf->device_type,
WPS_DEV_TYPE_LEN);
- if (hostapd_wps_set_vendor_ext(hapd, wps) < 0) {
- os_free(wps);
- return -1;
- }
+ if (hostapd_wps_set_vendor_ext(hapd, wps) < 0)
+ goto fail;
wps->dev.os_version = WPA_GET_BE32(hapd->conf->os_version);
@@ -1125,19 +1142,15 @@
wps->network_key_len = os_strlen(conf->ssid.wpa_passphrase);
} else if (conf->ssid.wpa_psk) {
wps->network_key = os_malloc(2 * PMK_LEN + 1);
- if (wps->network_key == NULL) {
- os_free(wps);
- return -1;
- }
+ if (wps->network_key == NULL)
+ goto fail;
wpa_snprintf_hex((char *) wps->network_key, 2 * PMK_LEN + 1,
conf->ssid.wpa_psk->psk, PMK_LEN);
wps->network_key_len = 2 * PMK_LEN;
} else if (conf->ssid.wep.keys_set && conf->ssid.wep.key[0]) {
wps->network_key = os_malloc(conf->ssid.wep.len[0]);
- if (wps->network_key == NULL) {
- os_free(wps);
- return -1;
- }
+ if (wps->network_key == NULL)
+ goto fail;
os_memcpy(wps->network_key, conf->ssid.wep.key[0],
conf->ssid.wep.len[0]);
wps->network_key_len = conf->ssid.wep.len[0];
@@ -1183,9 +1196,7 @@
wps->registrar = wps_registrar_init(wps, &cfg);
if (wps->registrar == NULL) {
wpa_printf(MSG_ERROR, "Failed to initialize WPS Registrar");
- os_free(wps->network_key);
- os_free(wps);
- return -1;
+ goto fail;
}
#ifdef CONFIG_WPS_UPNP
@@ -1201,6 +1212,10 @@
hapd->wps = wps;
return 0;
+
+fail:
+ hostapd_free_wps(wps);
+ return -1;
}
@@ -1215,8 +1230,7 @@
if (hostapd_wps_upnp_init(hapd, wps) < 0) {
wpa_printf(MSG_ERROR, "Failed to initialize WPS UPnP");
wps_registrar_deinit(wps->registrar);
- os_free(wps->network_key);
- os_free(wps);
+ hostapd_free_wps(wps);
hapd->wps = NULL;
return -1;
}
@@ -1246,21 +1260,18 @@
eloop_cancel_timeout(hostapd_wps_reenable_ap_pin, hapd, NULL);
eloop_cancel_timeout(hostapd_wps_ap_pin_timeout, hapd, NULL);
eloop_cancel_timeout(wps_reload_config, hapd->iface, NULL);
- if (hapd->wps == NULL)
+ if (hapd->wps == NULL) {
+ hostapd_wps_clear_ies(hapd, 1);
return;
+ }
#ifdef CONFIG_WPS_UPNP
hostapd_wps_upnp_deinit(hapd);
#endif /* CONFIG_WPS_UPNP */
wps_registrar_deinit(hapd->wps->registrar);
- os_free(hapd->wps->network_key);
- wps_device_data_free(&hapd->wps->dev);
- wpabuf_free(hapd->wps->dh_pubkey);
- wpabuf_free(hapd->wps->dh_privkey);
wps_free_pending_msgs(hapd->wps->upnp_msgs);
- hostapd_wps_nfc_clear(hapd->wps);
- os_free(hapd->wps);
+ hostapd_free_wps(hapd->wps);
hapd->wps = NULL;
- hostapd_wps_clear_ies(hapd);
+ hostapd_wps_clear_ies(hapd, 1);
}
diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c
index d60f95b..dcd002e 100644
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -2900,6 +2900,16 @@
case NL80211_CMD_TRIGGER_SCAN:
wpa_dbg(drv->ctx, MSG_DEBUG, "nl80211: Scan trigger");
drv->scan_state = SCAN_STARTED;
+ if (drv->scan_for_auth) {
+ /*
+ * Cannot indicate EVENT_SCAN_STARTED here since we skip
+ * EVENT_SCAN_RESULTS in scan_for_auth case and the
+ * upper layer implementation could get confused about
+ * scanning state.
+ */
+ wpa_printf(MSG_DEBUG, "nl80211: Do not indicate scan-start event due to internal scan_for_auth");
+ break;
+ }
wpa_supplicant_event(drv->ctx, EVENT_SCAN_STARTED, NULL);
break;
case NL80211_CMD_START_SCHED_SCAN:
diff --git a/src/utils/http_curl.c b/src/utils/http_curl.c
index 668c1a6..07d9af0 100644
--- a/src/utils/http_curl.c
+++ b/src/utils/http_curl.c
@@ -1,6 +1,6 @@
/*
* HTTP wrapper for libcurl
- * Copyright (c) 2012-2013, Qualcomm Atheros, Inc.
+ * Copyright (c) 2012-2014, Qualcomm Atheros, Inc.
*
* This software may be distributed under the terms of the BSD license.
* See README for more details.
@@ -82,15 +82,28 @@
static void debug_dump(struct http_ctx *ctx, const char *title,
const char *buf, size_t len)
{
- char *txt = os_malloc(len + 1);
+ char *txt;
+ size_t i;
+
+ for (i = 0; i < len; i++) {
+ if (buf[i] < 32 && buf[i] != '\t' && buf[i] != '\n' &&
+ buf[i] != '\r') {
+ wpa_hexdump_ascii(MSG_MSGDUMP, title, buf, len);
+ return;
+ }
+ }
+
+ txt = os_malloc(len + 1);
if (txt == NULL)
return;
os_memcpy(txt, buf, len);
txt[len] = '\0';
while (len > 0) {
len--;
- if (txt[len] == '\r' || txt[len] == '\n')
- txt[len] = '\0';
+ if (txt[len] == '\n' || txt[len] == '\r')
+ txt[len] = '\0';
+ else
+ break;
}
wpa_printf(MSG_MSGDUMP, "%s[%s]", title, txt);
os_free(txt);
@@ -134,21 +147,11 @@
}
-static size_t curl_cb_header(void *ptr, size_t size, size_t nmemb,
- void *userdata)
-{
- struct http_ctx *ctx = userdata;
- debug_dump(ctx, "curl header", ptr, size * nmemb);
- return size * nmemb;
-}
-
-
static size_t curl_cb_write(void *ptr, size_t size, size_t nmemb,
void *userdata)
{
struct http_ctx *ctx = userdata;
char *n;
- debug_dump(ctx, "curl write", ptr, size * nmemb);
n = os_realloc(ctx->curl_buf, ctx->curl_buf_len + size * nmemb + 1);
if (n == NULL)
return 0;
@@ -1275,8 +1278,6 @@
curl_easy_setopt(curl, CURLOPT_CERTINFO, 1L);
curl_easy_setopt(curl, CURLOPT_DEBUGFUNCTION, curl_cb_debug);
curl_easy_setopt(curl, CURLOPT_DEBUGDATA, ctx);
- curl_easy_setopt(curl, CURLOPT_HEADERFUNCTION, curl_cb_header);
- curl_easy_setopt(curl, CURLOPT_HEADERDATA, ctx);
curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, curl_cb_write);
curl_easy_setopt(curl, CURLOPT_WRITEDATA, ctx);
curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
@@ -1527,8 +1528,6 @@
}
curl_easy_setopt(curl, CURLOPT_DEBUGFUNCTION, curl_cb_debug);
curl_easy_setopt(curl, CURLOPT_DEBUGDATA, ctx);
- curl_easy_setopt(curl, CURLOPT_HEADERFUNCTION, curl_cb_header);
- curl_easy_setopt(curl, CURLOPT_HEADERDATA, ctx);
curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, fwrite);
curl_easy_setopt(curl, CURLOPT_WRITEDATA, f);
curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
diff --git a/src/wps/wps_attr_build.c b/src/wps/wps_attr_build.c
index 62d0feb..c7e1cbb 100644
--- a/src/wps/wps_attr_build.c
+++ b/src/wps/wps_attr_build.c
@@ -296,6 +296,9 @@
int wps_build_auth_type_flags(struct wps_data *wps, struct wpabuf *msg)
{
u16 auth_types = WPS_AUTH_TYPES;
+ /* WPA/WPA2-Enterprise enrollment not supported through WPS */
+ auth_types &= ~WPS_AUTH_WPA;
+ auth_types &= ~WPS_AUTH_WPA2;
#ifdef CONFIG_WPS2
auth_types &= ~WPS_AUTH_SHARED;
#endif /* CONFIG_WPS2 */