Merge "Add a new config item p2p_dfs_chan_enable for WFD GO" into udc-dev
diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
index 01b17b2..23bbe68 100644
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@@ -2587,6 +2587,7 @@
u8 hash[32];
const u8 *addr[1];
size_t len[1];
+
addr[0] = wpabuf_head(cert);
len[0] = wpabuf_len(cert);
if (sha256_vector(1, addr, len, hash) < 0 ||
@@ -2608,29 +2609,30 @@
}
#endif /* CONFIG_SHA256 */
- openssl_tls_cert_event(conn, err_cert, depth, buf);
-
if (!preverify_ok) {
- if (depth > 0) {
- /* Send cert event for the peer certificate so that
- * the upper layers get information about it even if
- * validation of a CA certificate fails. */
- STACK_OF(X509) *chain;
+ /* Send cert events for the peer certificate chain so that
+ * the upper layers get information about it even if
+ * validation of a CA certificate fails. */
+ STACK_OF(X509) *chain;
+ int num_of_certs;
- chain = X509_STORE_CTX_get1_chain(x509_ctx);
- if (chain && sk_X509_num(chain) > 0) {
- char buf2[256];
- X509 *cert;
+ chain = X509_STORE_CTX_get1_chain(x509_ctx);
+ num_of_certs = sk_X509_num(chain);
+ if (chain && num_of_certs > 0) {
+ char buf2[256];
+ X509 *cert;
+ int cur_depth;
- cert = sk_X509_value(chain, 0);
+ for (cur_depth = num_of_certs - 1; cur_depth >= 0; cur_depth--) {
+ cert = sk_X509_value(chain, cur_depth);
X509_NAME_oneline(X509_get_subject_name(cert),
buf2, sizeof(buf2));
- openssl_tls_cert_event(conn, cert, 0, buf2);
+ openssl_tls_cert_event(conn, cert, cur_depth, buf2);
}
- if (chain)
- sk_X509_pop_free(chain, X509_free);
}
+ if (chain)
+ sk_X509_pop_free(chain, X509_free);
wpa_printf(MSG_WARNING, "TLS: Certificate verification failed,"
" error %d (%s) depth %d for '%s'", err, err_str,
@@ -2640,6 +2642,8 @@
return preverify_ok;
}
+ openssl_tls_cert_event(conn, err_cert, depth, buf);
+
wpa_printf(MSG_DEBUG, "TLS: tls_verify_cb - preverify_ok=%d "
"err=%d (%s) ca_cert_verify=%d depth=%d buf='%s'",
preverify_ok, err, err_str,
diff --git a/wpa_supplicant/aidl/aidl_manager.cpp b/wpa_supplicant/aidl/aidl_manager.cpp
index d7987e6..89b5432 100644
--- a/wpa_supplicant/aidl/aidl_manager.cpp
+++ b/wpa_supplicant/aidl/aidl_manager.cpp
@@ -2058,17 +2058,15 @@
return;
}
struct wpa_ssid *current_ssid = wpa_s->current_ssid;
+ if (!wpa_key_mgmt_wpa_ieee8021x(current_ssid->key_mgmt)) {
+ return;
+ }
if (NULL == subject || NULL == cert_hash || NULL == cert) {
wpa_printf(MSG_ERROR,
"Incomplete certificate information. Drop Certification event!");
return;
}
- if (!wpa_key_mgmt_wpa_ieee8021x(current_ssid->key_mgmt)) {
- wpa_printf(MSG_ERROR, "Not 802.1x configuration, Drop Certification event!");
- return;
- }
- if (current_ssid->eap.cert.ca_path || current_ssid->eap.cert.ca_cert) {
- wpa_printf(MSG_DEBUG, "Already has CA certificate. Drop Certification event!");
+ if (current_ssid->eap.cert.ca_cert) {
return;
}
diff --git a/wpa_supplicant/aidl/sta_iface.cpp b/wpa_supplicant/aidl/sta_iface.cpp
index fba4d30..238a092 100644
--- a/wpa_supplicant/aidl/sta_iface.cpp
+++ b/wpa_supplicant/aidl/sta_iface.cpp
@@ -2059,13 +2059,13 @@
struct wpa_mlo_signal_info mlo_si;
struct wpa_supplicant *wpa_s = retrieveIfacePtr();
- if (wpa_s->valid_links && wpa_drv_mlo_signal_poll(wpa_s, &mlo_si)) {
+ if (wpa_s->valid_links && (wpa_drv_mlo_signal_poll(wpa_s, &mlo_si) == 0)) {
for (int i = 0; i < MAX_NUM_MLD_LINKS; i++) {
if (!(mlo_si.valid_links & BIT(i)))
continue;
SignalPollResult result;
- result.linkId = 0;
+ result.linkId = i;
result.currentRssiDbm = mlo_si.links[i].data.signal;
result.txBitrateMbps = mlo_si.links[i].data.current_tx_rate / 1000;
result.rxBitrateMbps = mlo_si.links[i].data.current_rx_rate / 1000;