Cumulative patch from commit 6280df31bbbd015cb857630868a49c373325ba10
6280df3 Include CONTRIBUTIONS file in the release tarballs
b63b9a7 Change version information for the 2.2 release
6a98f67 ChangeLog entries for v2.2
d4b951f Fix offchannel TX not to retransmit pending frame on callback
95b6bca Add rsn_pairwise bits to set_ieee8021x() driver_ops
95f6f6a RADIUS/EAP server: Use longer username buffer to avoid truncation
5dff6df Fix off-by-one bounds checking in printf_encode()
Change-Id: I531fbbb2111da96174b89fd99507716df25bb1e6
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
diff --git a/src/ap/ap_drv_ops.c b/src/ap/ap_drv_ops.c
index 6d3ae5a..cc4ac10 100644
--- a/src/ap/ap_drv_ops.c
+++ b/src/ap/ap_drv_ops.c
@@ -280,7 +280,8 @@
params.wpa = hapd->conf->wpa;
params.ieee802_1x = hapd->conf->ieee802_1x;
params.wpa_group = hapd->conf->wpa_group;
- params.wpa_pairwise = hapd->conf->wpa_pairwise;
+ params.wpa_pairwise = hapd->conf->wpa_pairwise |
+ hapd->conf->rsn_pairwise;
params.wpa_key_mgmt = hapd->conf->wpa_key_mgmt;
params.rsn_preauth = hapd->conf->rsn_preauth;
#ifdef CONFIG_IEEE80211W
diff --git a/src/ap/beacon.c b/src/ap/beacon.c
index 27525dc..2a4acf2 100644
--- a/src/ap/beacon.c
+++ b/src/ap/beacon.c
@@ -882,8 +882,8 @@
params->basic_rates = hapd->iface->basic_rates;
params->ssid = hapd->conf->ssid.ssid;
params->ssid_len = hapd->conf->ssid.ssid_len;
- params->pairwise_ciphers = hapd->conf->rsn_pairwise ?
- hapd->conf->rsn_pairwise : hapd->conf->wpa_pairwise;
+ params->pairwise_ciphers = hapd->conf->wpa_pairwise |
+ hapd->conf->rsn_pairwise;
params->group_cipher = hapd->conf->wpa_group;
params->key_mgmt_suites = hapd->conf->wpa_key_mgmt;
params->auth_algs = hapd->conf->auth_algs;
diff --git a/src/common/version.h b/src/common/version.h
index fb3b4f5..340afc7 100644
--- a/src/common/version.h
+++ b/src/common/version.h
@@ -5,6 +5,6 @@
#define VERSION_STR_POSTFIX ""
#endif /* VERSION_STR_POSTFIX */
-#define VERSION_STR "2.2-devel" VERSION_STR_POSTFIX
+#define VERSION_STR "2.2" VERSION_STR_POSTFIX
#endif /* VERSION_H */
diff --git a/src/eap_server/eap_server_identity.c b/src/eap_server/eap_server_identity.c
index b3c2087..4501533 100644
--- a/src/eap_server/eap_server_identity.c
+++ b/src/eap_server/eap_server_identity.c
@@ -120,9 +120,9 @@
return; /* Should not happen - frame already validated */
wpa_hexdump_ascii(MSG_DEBUG, "EAP-Identity: Peer identity", pos, len);
- buf = os_malloc(len * 3 + 1);
+ buf = os_malloc(len * 4 + 1);
if (buf) {
- printf_encode(buf, len * 3 + 1, pos, len);
+ printf_encode(buf, len * 4 + 1, pos, len);
eap_log_msg(sm, "EAP-Response/Identity '%s'", buf);
os_free(buf);
}
diff --git a/src/eap_server/eap_server_mschapv2.c b/src/eap_server/eap_server_mschapv2.c
index 790c719..0eb7908 100644
--- a/src/eap_server/eap_server_mschapv2.c
+++ b/src/eap_server/eap_server_mschapv2.c
@@ -330,9 +330,9 @@
wpa_printf(MSG_MSGDUMP, "EAP-MSCHAPV2: Flags 0x%x", flags);
wpa_hexdump_ascii(MSG_MSGDUMP, "EAP-MSCHAPV2: Name", name, name_len);
- buf = os_malloc(name_len * 3 + 1);
+ buf = os_malloc(name_len * 4 + 1);
if (buf) {
- printf_encode(buf, name_len * 3 + 1, name, name_len);
+ printf_encode(buf, name_len * 4 + 1, name, name_len);
eap_log_msg(sm, "EAP-MSCHAPV2 Name '%s'", buf);
os_free(buf);
}
diff --git a/src/eap_server/eap_server_ttls.c b/src/eap_server/eap_server_ttls.c
index 24225a4..d09a769 100644
--- a/src/eap_server/eap_server_ttls.c
+++ b/src/eap_server/eap_server_ttls.c
@@ -985,9 +985,9 @@
if (parse.user_name) {
char *nbuf;
- nbuf = os_malloc(parse.user_name_len * 3 + 1);
+ nbuf = os_malloc(parse.user_name_len * 4 + 1);
if (nbuf) {
- printf_encode(nbuf, parse.user_name_len * 3 + 1,
+ printf_encode(nbuf, parse.user_name_len * 4 + 1,
parse.user_name,
parse.user_name_len);
eap_log_msg(sm, "TTLS-User-Name '%s'", nbuf);
diff --git a/src/radius/radius_server.c b/src/radius/radius_server.c
index 78c9961..c35ba55 100644
--- a/src/radius/radius_server.c
+++ b/src/radius/radius_server.c
@@ -639,12 +639,12 @@
sess->accept_attr = tmp.accept_attr;
sess->macacl = tmp.macacl;
- sess->username = os_malloc(user_len * 2 + 1);
+ sess->username = os_malloc(user_len * 4 + 1);
if (sess->username == NULL) {
radius_server_session_free(data, sess);
return NULL;
}
- printf_encode(sess->username, user_len * 2 + 1, user, user_len);
+ printf_encode(sess->username, user_len * 4 + 1, user, user_len);
sess->nas_ip = os_strdup(from_addr);
if (sess->nas_ip == NULL) {
diff --git a/src/utils/common.c b/src/utils/common.c
index 39751d4..7dc4797 100644
--- a/src/utils/common.c
+++ b/src/utils/common.c
@@ -350,7 +350,7 @@
size_t i;
for (i = 0; i < len; i++) {
- if (txt + 4 > end)
+ if (txt + 4 >= end)
break;
switch (data[i]) {
diff --git a/src/utils/utils_module_tests.c b/src/utils/utils_module_tests.c
index 75b169e..9a9ec40 100644
--- a/src/utils/utils_module_tests.c
+++ b/src/utils/utils_module_tests.c
@@ -67,6 +67,23 @@
}
}
+ buf[5] = 'A';
+ printf_encode(buf, 5, (const u8 *) "abcde", 5);
+ if (buf[5] != 'A') {
+ wpa_printf(MSG_ERROR, "Error in bounds checking#1");
+ errors++;
+ }
+
+ for (i = 5; i < 10; i++) {
+ buf[i] = 'A';
+ printf_encode(buf, i, (const u8 *) "\xdd\xdd\xdd\xdd\xdd", 5);
+ if (buf[i] != 'A') {
+ wpa_printf(MSG_ERROR, "Error in bounds checking#2(%d)",
+ i);
+ errors++;
+ }
+ }
+
if (errors) {
wpa_printf(MSG_ERROR, "%d printf test(s) failed", errors);
return -1;