diff options
| author | Dmitry Shmidt <dimitrysh@google.com> | 2014-04-08 10:50:52 -0700 |
|---|---|---|
| committer | Dmitry Shmidt <dimitrysh@google.com> | 2014-04-08 10:50:52 -0700 |
| commit | 21de214b4ba4271ca20843f3b8fba9f1501b2a89 (patch) | |
| tree | 8f74833823ddf246c1e6a7c76f26ef311f34afe2 | |
| parent | 0cfd5f779f6cdd2f774a27bb1dec95d3940cd16a (diff) | |
| download | android_external_wpa_supplicant_8-21de214b4ba4271ca20843f3b8fba9f1501b2a89.tar.gz android_external_wpa_supplicant_8-21de214b4ba4271ca20843f3b8fba9f1501b2a89.tar.bz2 android_external_wpa_supplicant_8-21de214b4ba4271ca20843f3b8fba9f1501b2a89.zip | |
Cumulative patch from commit 4a16a0bd550401a50dedfcf701f6dcc7a3598133i
4a16a0b nl80211: Add QCA vendor subcmd for NAN
f8b10c1 Fix CONFIG_AP=y build without CONFIG_P2P=y
f05cee9 P2P: Clear p2p_in_invitation on cancel
ec331d0 WNM: Fix deinit path to clean neighbor report count
679f2e7 WPS NFC: Remove NFC_RX_HANDOVER_SEL
dc39004 WPS: Remove unused WEP related functionality
9437c2d EAP-pwd peer: Fix fragmentation of PWD-Confirm-Resp
48f668e EAP-pwd: Fix memory leak on error path with fragmentation
9ff4de6 Move DROP_SA command to be within ifdef CONFIG_TESTING_OPTIONS
e1a273a Remove used KDE addition code from EAPOL-Key msg 4/4
9a147ba WNM: Fix regression in Sleep Mode exit key data parsing
76d3fb1 Remove unused wpa_sm_get_param() function
ed42993 TDLS: Add test mode for MIC failure testing
5784b9a Fix memory leaks in hostapd configuration updates
Change-Id: I7f1ec783ac791e06178f9c8b9be9119ac46aa745
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
| -rw-r--r-- | hostapd/config_file.c | 7 | ||||
| -rw-r--r-- | src/ap/wps_hostapd.c | 14 | ||||
| -rw-r--r-- | src/common/qca-vendor.h | 7 | ||||
| -rw-r--r-- | src/eap_peer/eap_pwd.c | 24 | ||||
| -rw-r--r-- | src/eap_peer/eap_wsc.c | 2 | ||||
| -rw-r--r-- | src/eap_server/eap_server_pwd.c | 4 | ||||
| -rw-r--r-- | src/rsn_supp/peerkey.c | 2 | ||||
| -rw-r--r-- | src/rsn_supp/tdls.c | 13 | ||||
| -rw-r--r-- | src/rsn_supp/wpa.c | 55 | ||||
| -rw-r--r-- | src/rsn_supp/wpa.h | 8 | ||||
| -rw-r--r-- | src/rsn_supp/wpa_i.h | 1 | ||||
| -rw-r--r-- | src/wps/wps_defs.h | 4 | ||||
| -rw-r--r-- | src/wps/wps_registrar.c | 10 | ||||
| -rw-r--r-- | wpa_supplicant/README-WPS | 11 | ||||
| -rw-r--r-- | wpa_supplicant/ap.c | 5 | ||||
| -rw-r--r-- | wpa_supplicant/ctrl_iface.c | 38 | ||||
| -rw-r--r-- | wpa_supplicant/dbus/dbus_new.c | 11 | ||||
| -rw-r--r-- | wpa_supplicant/p2p_supplicant.c | 7 | ||||
| -rw-r--r-- | wpa_supplicant/wnm_sta.c | 9 | ||||
| -rw-r--r-- | wpa_supplicant/wpa_cli.c | 33 | ||||
| -rw-r--r-- | wpa_supplicant/wps_supplicant.c | 45 | ||||
| -rw-r--r-- | wpa_supplicant/wps_supplicant.h | 2 |
22 files changed, 102 insertions, 210 deletions
diff --git a/hostapd/config_file.c b/hostapd/config_file.c index 26e64fa8..6ad1ca7a 100644 --- a/hostapd/config_file.c +++ b/hostapd/config_file.c @@ -2049,6 +2049,7 @@ static int hostapd_config_fill(struct hostapd_config *conf, #endif /* EAP_SERVER */ } else if (os_strcmp(buf, "eap_message") == 0) { char *term; + os_free(bss->eap_req_id_text); bss->eap_req_id_text = os_strdup(pos); if (bss->eap_req_id_text == NULL) { wpa_printf(MSG_ERROR, "Line %d: Failed to allocate memory for eap_req_id_text", @@ -2112,6 +2113,7 @@ static int hostapd_config_fill(struct hostapd_config *conf, return 1; } } else if (os_strcmp(buf, "nas_identifier") == 0) { + os_free(bss->nas_identifier); bss->nas_identifier = os_strdup(pos); #ifndef CONFIG_NO_RADIUS } else if (os_strcmp(buf, "auth_server_addr") == 0) { @@ -2136,6 +2138,7 @@ static int hostapd_config_fill(struct hostapd_config *conf, line); return 1; } + os_free(bss->radius->auth_server->shared_secret); bss->radius->auth_server->shared_secret = (u8 *) os_strdup(pos); bss->radius->auth_server->shared_secret_len = len; } else if (os_strcmp(buf, "acct_server_addr") == 0) { @@ -2160,6 +2163,7 @@ static int hostapd_config_fill(struct hostapd_config *conf, line); return 1; } + os_free(bss->radius->acct_server->shared_secret); bss->radius->acct_server->shared_secret = (u8 *) os_strdup(pos); bss->radius->acct_server->shared_secret_len = len; } else if (os_strcmp(buf, "radius_retry_primary_interval") == 0) { @@ -2315,6 +2319,7 @@ static int hostapd_config_fill(struct hostapd_config *conf, } else if (os_strcmp(buf, "rsn_preauth") == 0) { bss->rsn_preauth = atoi(pos); } else if (os_strcmp(buf, "rsn_preauth_interfaces") == 0) { + os_free(bss->rsn_preauth_interfaces); bss->rsn_preauth_interfaces = os_strdup(pos); #endif /* CONFIG_RSN_PREAUTH */ #ifdef CONFIG_PEERKEY @@ -2564,6 +2569,7 @@ static int hostapd_config_fill(struct hostapd_config *conf, } #ifdef CONFIG_FULL_DYNAMIC_VLAN } else if (os_strcmp(buf, "vlan_tagged_interface") == 0) { + os_free(bss->ssid.vlan_tagged_interface); bss->ssid.vlan_tagged_interface = os_strdup(pos); #endif /* CONFIG_FULL_DYNAMIC_VLAN */ #endif /* CONFIG_NO_VLAN */ @@ -2768,6 +2774,7 @@ static int hostapd_config_fill(struct hostapd_config *conf, return 1; } } else if (os_strcmp(buf, "upnp_iface") == 0) { + os_free(bss->upnp_iface); bss->upnp_iface = os_strdup(pos); } else if (os_strcmp(buf, "friendly_name") == 0) { os_free(bss->friendly_name); diff --git a/src/ap/wps_hostapd.c b/src/ap/wps_hostapd.c index 17217a13..f1656701 100644 --- a/src/ap/wps_hostapd.c +++ b/src/ap/wps_hostapd.c @@ -1070,18 +1070,6 @@ int hostapd_init_wps(struct hostapd_data *hapd, if (conf->ssid.security_policy == SECURITY_PLAINTEXT) { wps->encr_types |= WPS_ENCR_NONE; wps->auth_types |= WPS_AUTH_OPEN; - } else if (conf->ssid.security_policy == SECURITY_STATIC_WEP) { - wps->encr_types |= WPS_ENCR_WEP; - if (conf->auth_algs & WPA_AUTH_ALG_OPEN) - wps->auth_types |= WPS_AUTH_OPEN; - if (conf->auth_algs & WPA_AUTH_ALG_SHARED) - wps->auth_types |= WPS_AUTH_SHARED; - } else if (conf->ssid.security_policy == SECURITY_IEEE_802_1X) { - wps->auth_types |= WPS_AUTH_OPEN; - if (conf->default_wep_key_len) - wps->encr_types |= WPS_ENCR_WEP; - else - wps->encr_types |= WPS_ENCR_NONE; } if (conf->ssid.wpa_psk_file) { @@ -1642,8 +1630,6 @@ int hostapd_wps_config_ap(struct hostapd_data *hapd, const char *ssid, if (encr) { if (os_strncmp(encr, "NONE", 4) == 0) cred.encr_type = WPS_ENCR_NONE; - else if (os_strncmp(encr, "WEP", 3) == 0) - cred.encr_type = WPS_ENCR_WEP; else if (os_strncmp(encr, "TKIP", 4) == 0) cred.encr_type = WPS_ENCR_TKIP; else if (os_strncmp(encr, "CCMP", 4) == 0) diff --git a/src/common/qca-vendor.h b/src/common/qca-vendor.h index 80bad4f8..cea47017 100644 --- a/src/common/qca-vendor.h +++ b/src/common/qca-vendor.h @@ -32,6 +32,10 @@ * * @QCA_NL80211_VENDOR_SUBCMD_DFS_CAPABILITY: Command to check driver support * for DFS offloading. + * + * @QCA_NL80211_VENDOR_SUBCMD_NAN: NAN command/event which is used to pass + * NAN Request/Response and NAN Indication messages. These messages are + * interpreted between the framework and the firmware component. */ enum qca_nl80211_vendor_subcmds { QCA_NL80211_VENDOR_SUBCMD_UNSPEC = 0, @@ -39,6 +43,7 @@ enum qca_nl80211_vendor_subcmds { /* subcmds 2..9 not yet allocated */ QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY = 10, QCA_NL80211_VENDOR_SUBCMD_DFS_CAPABILITY = 11, + QCA_NL80211_VENDOR_SUBCMD_NAN = 12, }; @@ -56,6 +61,8 @@ enum qca_wlan_vendor_attr { QCA_WLAN_VENDOR_ATTR_INVALID = 0, /* used by QCA_NL80211_VENDOR_SUBCMD_DFS_CAPABILITY */ QCA_WLAN_VENDOR_ATTR_DFS = 1, + /* used by QCA_NL80211_VENDOR_SUBCMD_NAN */ + QCA_WLAN_VENDOR_ATTR_NAN = 2, /* keep last */ QCA_WLAN_VENDOR_ATTR_AFTER_LAST, QCA_WLAN_VENDOR_ATTR_MAX = QCA_WLAN_VENDOR_ATTR_AFTER_LAST - 1, diff --git a/src/eap_peer/eap_pwd.c b/src/eap_peer/eap_pwd.c index fef47837..e4168fc0 100644 --- a/src/eap_peer/eap_pwd.c +++ b/src/eap_peer/eap_pwd.c @@ -16,7 +16,8 @@ struct eap_pwd_data { enum { - PWD_ID_Req, PWD_Commit_Req, PWD_Confirm_Req, SUCCESS, FAILURE + PWD_ID_Req, PWD_Commit_Req, PWD_Confirm_Req, + SUCCESS_ON_FRAG_COMPLETION, SUCCESS, FAILURE } state; u8 *id_peer; size_t id_peer_len; @@ -57,6 +58,8 @@ static const char * eap_pwd_state_txt(int state) return "PWD-Commit-Req"; case PWD_Confirm_Req: return "PWD-Confirm-Req"; + case SUCCESS_ON_FRAG_COMPLETION: + return "SUCCESS_ON_FRAG_COMPLETION"; case SUCCESS: return "SUCCESS"; case FAILURE: @@ -161,6 +164,8 @@ static void eap_pwd_deinit(struct eap_sm *sm, void *priv) BN_free(data->grp->prime); os_free(data->grp); } + wpabuf_free(data->inbuf); + wpabuf_free(data->outbuf); os_free(data); } @@ -658,13 +663,12 @@ fin: os_free(cruft); BN_free(x); BN_free(y); - ret->methodState = METHOD_DONE; if (data->outbuf == NULL) { + ret->methodState = METHOD_DONE; ret->decision = DECISION_FAIL; eap_pwd_state(data, FAILURE); } else { - ret->decision = DECISION_UNCOND_SUCC; - eap_pwd_state(data, SUCCESS); + eap_pwd_state(data, SUCCESS_ON_FRAG_COMPLETION); } } @@ -741,6 +745,11 @@ eap_pwd_process(struct eap_sm *sm, void *priv, struct eap_method_ret *ret, wpa_printf(MSG_DEBUG, "EAP-pwd: Send %s fragment of %d bytes", data->out_frag_pos == 0 ? "last" : "next", (int) len); + if (data->state == SUCCESS_ON_FRAG_COMPLETION) { + ret->methodState = METHOD_DONE; + ret->decision = DECISION_UNCOND_SUCC; + eap_pwd_state(data, SUCCESS); + } return resp; } @@ -773,6 +782,7 @@ eap_pwd_process(struct eap_sm *sm, void *priv, struct eap_method_ret *ret, (int) data->in_frag_pos, (int) wpabuf_len(data->inbuf)); wpabuf_free(data->inbuf); + data->inbuf = NULL; data->in_frag_pos = 0; return NULL; } @@ -824,6 +834,7 @@ eap_pwd_process(struct eap_sm *sm, void *priv, struct eap_method_ret *ret, */ if (data->in_frag_pos) { wpabuf_free(data->inbuf); + data->inbuf = NULL; data->in_frag_pos = 0; } @@ -871,6 +882,11 @@ eap_pwd_process(struct eap_sm *sm, void *priv, struct eap_method_ret *ret, wpabuf_free(data->outbuf); data->outbuf = NULL; data->out_frag_pos = 0; + if (data->state == SUCCESS_ON_FRAG_COMPLETION) { + ret->methodState = METHOD_DONE; + ret->decision = DECISION_UNCOND_SUCC; + eap_pwd_state(data, SUCCESS); + } } return resp; diff --git a/src/eap_peer/eap_wsc.c b/src/eap_peer/eap_wsc.c index 6bdd3411..23e98237 100644 --- a/src/eap_peer/eap_wsc.c +++ b/src/eap_peer/eap_wsc.c @@ -106,8 +106,10 @@ static int eap_wsc_new_ap_settings(struct wps_credential *cred, } if (os_strncmp(pos + 9, "NONE", 4) == 0) cred->encr_type = WPS_ENCR_NONE; +#ifdef CONFIG_TESTING_OPTIONS else if (os_strncmp(pos + 9, "WEP", 3) == 0) cred->encr_type = WPS_ENCR_WEP; +#endif /* CONFIG_TESTING_OPTIONS */ else if (os_strncmp(pos + 9, "TKIP", 4) == 0) cred->encr_type = WPS_ENCR_TKIP; else if (os_strncmp(pos + 9, "CCMP", 4) == 0) diff --git a/src/eap_server/eap_server_pwd.c b/src/eap_server/eap_server_pwd.c index b61061bc..3467dd16 100644 --- a/src/eap_server/eap_server_pwd.c +++ b/src/eap_server/eap_server_pwd.c @@ -150,6 +150,8 @@ static void eap_pwd_reset(struct eap_sm *sm, void *priv) BN_free(data->grp->prime); os_free(data->grp); } + wpabuf_free(data->inbuf); + wpabuf_free(data->outbuf); os_free(data); } @@ -523,6 +525,7 @@ eap_pwd_build_req(struct eap_sm *sm, void *priv, u8 id) */ if (data->out_frag_pos >= wpabuf_len(data->outbuf)) { wpabuf_free(data->outbuf); + data->outbuf = NULL; data->out_frag_pos = 0; } @@ -949,6 +952,7 @@ static void eap_pwd_process(struct eap_sm *sm, void *priv, */ if (data->in_frag_pos) { wpabuf_free(data->inbuf); + data->inbuf = NULL; data->in_frag_pos = 0; } } diff --git a/src/rsn_supp/peerkey.c b/src/rsn_supp/peerkey.c index cb86dfbc..88550e4b 100644 --- a/src/rsn_supp/peerkey.c +++ b/src/rsn_supp/peerkey.c @@ -858,7 +858,7 @@ static void wpa_supplicant_process_stk_3_of_4(struct wpa_sm *sm, if (wpa_supplicant_send_4_of_4(sm, peerkey->addr, key, ver, WPA_GET_BE16(key->key_info), - NULL, 0, &peerkey->stk)) + &peerkey->stk)) return; _key = (u8 *) peerkey->stk.tk1; diff --git a/src/rsn_supp/tdls.c b/src/rsn_supp/tdls.c index 62a2a591..ea293699 100644 --- a/src/rsn_supp/tdls.c +++ b/src/rsn_supp/tdls.c @@ -33,6 +33,7 @@ #define TDLS_TESTING_NO_TPK_EXPIRATION BIT(8) #define TDLS_TESTING_DECLINE_RESP BIT(9) #define TDLS_TESTING_IGNORE_AP_PROHIBIT BIT(10) +#define TDLS_TESTING_WRONG_MIC BIT(11) unsigned int tdls_testing = 0; #endif /* CONFIG_TDLS_TESTING */ @@ -1213,6 +1214,12 @@ static int wpa_tdls_send_tpk_m2(struct wpa_sm *sm, /* compute MIC before sending */ wpa_tdls_ftie_mic(peer->tpk.kck, 2, (u8 *) lnkid, peer->rsnie_p, (u8 *) &timeoutie, (u8 *) ftie, ftie->mic); +#ifdef CONFIG_TDLS_TESTING + if (tdls_testing & TDLS_TESTING_WRONG_MIC) { + wpa_printf(MSG_DEBUG, "TDLS: Testing - use wrong MIC"); + ftie->mic[0] ^= 0x01; + } +#endif /* CONFIG_TDLS_TESTING */ skip_ies: status = wpa_tdls_tpk_send(sm, src_addr, WLAN_TDLS_SETUP_RESPONSE, @@ -1296,6 +1303,12 @@ static int wpa_tdls_send_tpk_m3(struct wpa_sm *sm, /* compute MIC before sending */ wpa_tdls_ftie_mic(peer->tpk.kck, 3, (u8 *) lnkid, peer->rsnie_p, (u8 *) &timeoutie, (u8 *) ftie, ftie->mic); +#ifdef CONFIG_TDLS_TESTING + if (tdls_testing & TDLS_TESTING_WRONG_MIC) { + wpa_printf(MSG_DEBUG, "TDLS: Testing - use wrong MIC"); + ftie->mic[0] ^= 0x01; + } +#endif /* CONFIG_TDLS_TESTING */ if (peer->vht_capabilities) peer_capab |= TDLS_PEER_VHT; diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c index 77d7991f..5c007260 100644 --- a/src/rsn_supp/wpa.c +++ b/src/rsn_supp/wpa.c @@ -1020,27 +1020,20 @@ static int wpa_supplicant_validate_ie(struct wpa_sm *sm, * @key: Pointer to the EAPOL-Key frame header * @ver: Version bits from EAPOL-Key Key Info * @key_info: Key Info - * @kde: KDEs to include the EAPOL-Key frame - * @kde_len: Length of KDEs * @ptk: PTK to use for keyed hash and encryption * Returns: 0 on success, -1 on failure */ int wpa_supplicant_send_4_of_4(struct wpa_sm *sm, const unsigned char *dst, const struct wpa_eapol_key *key, u16 ver, u16 key_info, - const u8 *kde, size_t kde_len, struct wpa_ptk *ptk) { size_t rlen; struct wpa_eapol_key *reply; u8 *rbuf; - if (kde) - wpa_hexdump(MSG_DEBUG, "WPA: KDE for msg 4/4", kde, kde_len); - rbuf = wpa_sm_alloc_eapol(sm, IEEE802_1X_TYPE_EAPOL_KEY, NULL, - sizeof(*reply) + kde_len, - &rlen, (void *) &reply); + sizeof(*reply), &rlen, (void *) &reply); if (rbuf == NULL) return -1; @@ -1057,9 +1050,7 @@ int wpa_supplicant_send_4_of_4(struct wpa_sm *sm, const unsigned char *dst, os_memcpy(reply->replay_counter, key->replay_counter, WPA_REPLAY_COUNTER_LEN); - WPA_PUT_BE16(reply->key_data_length, kde_len); - if (kde) - os_memcpy(reply + 1, kde, kde_len); + WPA_PUT_BE16(reply->key_data_length, 0); wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: Sending EAPOL-Key 4/4"); wpa_eapol_key_send(sm, ptk->kck, ver, dst, ETH_P_EAPOL, @@ -1140,7 +1131,7 @@ static void wpa_supplicant_process_3_of_4(struct wpa_sm *sm, #endif /* CONFIG_P2P */ if (wpa_supplicant_send_4_of_4(sm, sm->bssid, key, ver, key_info, - NULL, 0, &sm->ptk)) { + &sm->ptk)) { goto failed; } @@ -2396,44 +2387,6 @@ int wpa_sm_set_param(struct wpa_sm *sm, enum wpa_sm_conf_params param, /** - * wpa_sm_get_param - Get WPA state machine parameters - * @sm: Pointer to WPA state machine data from wpa_sm_init() - * @param: Parameter field - * Returns: Parameter value - */ -unsigned int wpa_sm_get_param(struct wpa_sm *sm, enum wpa_sm_conf_params param) -{ - if (sm == NULL) - return 0; - - switch (param) { - case RSNA_PMK_LIFETIME: - return sm->dot11RSNAConfigPMKLifetime; - case RSNA_PMK_REAUTH_THRESHOLD: - return sm->dot11RSNAConfigPMKReauthThreshold; - case RSNA_SA_TIMEOUT: - return sm->dot11RSNAConfigSATimeout; - case WPA_PARAM_PROTO: - return sm->proto; - case WPA_PARAM_PAIRWISE: - return sm->pairwise_cipher; - case WPA_PARAM_GROUP: - return sm->group_cipher; - case WPA_PARAM_KEY_MGMT: - return sm->key_mgmt; -#ifdef CONFIG_IEEE80211W - case WPA_PARAM_MGMT_GROUP: - return sm->mgmt_group_cipher; -#endif /* CONFIG_IEEE80211W */ - case WPA_PARAM_RSN_ENABLED: - return sm->rsn_enabled; - default: - return 0; - } -} - - -/** * wpa_sm_get_status - Get WPA state machine * @sm: Pointer to WPA state machine data from wpa_sm_init() * @buf: Buffer for status information @@ -2674,6 +2627,7 @@ int wpa_sm_pmksa_cache_list(struct wpa_sm *sm, char *buf, size_t len) } +#ifdef CONFIG_TESTING_OPTIONS void wpa_sm_drop_sa(struct wpa_sm *sm) { wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: Clear old PMK and PTK"); @@ -2683,6 +2637,7 @@ void wpa_sm_drop_sa(struct wpa_sm *sm) os_memset(&sm->ptk, 0, sizeof(sm->ptk)); os_memset(&sm->tptk, 0, sizeof(sm->tptk)); } +#endif /* CONFIG_TESTING_OPTIONS */ int wpa_sm_has_ptk(struct wpa_sm *sm) diff --git a/src/rsn_supp/wpa.h b/src/rsn_supp/wpa.h index df103422..61d441a9 100644 --- a/src/rsn_supp/wpa.h +++ b/src/rsn_supp/wpa.h @@ -123,8 +123,6 @@ int wpa_sm_get_mib(struct wpa_sm *sm, char *buf, size_t buflen); int wpa_sm_set_param(struct wpa_sm *sm, enum wpa_sm_conf_params param, unsigned int value); -unsigned int wpa_sm_get_param(struct wpa_sm *sm, - enum wpa_sm_conf_params param); int wpa_sm_get_status(struct wpa_sm *sm, char *buf, size_t buflen, int verbose); @@ -240,12 +238,6 @@ static inline int wpa_sm_set_param(struct wpa_sm *sm, return -1; } -static inline unsigned int wpa_sm_get_param(struct wpa_sm *sm, - enum wpa_sm_conf_params param) -{ - return 0; -} - static inline int wpa_sm_get_status(struct wpa_sm *sm, char *buf, size_t buflen, int verbose) { diff --git a/src/rsn_supp/wpa_i.h b/src/rsn_supp/wpa_i.h index f2fd2857..e20e9dac 100644 --- a/src/rsn_supp/wpa_i.h +++ b/src/rsn_supp/wpa_i.h @@ -321,7 +321,6 @@ int wpa_supplicant_send_2_of_4(struct wpa_sm *sm, const unsigned char *dst, int wpa_supplicant_send_4_of_4(struct wpa_sm *sm, const unsigned char *dst, const struct wpa_eapol_key *key, u16 ver, u16 key_info, - const u8 *kde, size_t kde_len, struct wpa_ptk *ptk); int wpa_derive_ptk_ft(struct wpa_sm *sm, const unsigned char *src_addr, diff --git a/src/wps/wps_defs.h b/src/wps/wps_defs.h index a5ba2548..f483e2e8 100644 --- a/src/wps/wps_defs.h +++ b/src/wps/wps_defs.h @@ -179,7 +179,7 @@ enum wps_msg_type { /* Authentication Type Flags */ #define WPS_AUTH_OPEN 0x0001 #define WPS_AUTH_WPAPSK 0x0002 -#define WPS_AUTH_SHARED 0x0004 +#define WPS_AUTH_SHARED 0x0004 /* deprecated */ #define WPS_AUTH_WPA 0x0008 #define WPS_AUTH_WPA2 0x0010 #define WPS_AUTH_WPA2PSK 0x0020 @@ -188,7 +188,7 @@ enum wps_msg_type { /* Encryption Type Flags */ #define WPS_ENCR_NONE 0x0001 -#define WPS_ENCR_WEP 0x0002 +#define WPS_ENCR_WEP 0x0002 /* deprecated */ #define WPS_ENCR_TKIP 0x0004 #define WPS_ENCR_AES 0x0008 #define WPS_ENCR_TYPES (WPS_ENCR_NONE | WPS_ENCR_WEP | WPS_ENCR_TKIP | \ diff --git a/src/wps/wps_registrar.c b/src/wps/wps_registrar.c index c47ec461..b917e6b0 100644 --- a/src/wps/wps_registrar.c +++ b/src/wps/wps_registrar.c @@ -1599,8 +1599,6 @@ int wps_build_cred(struct wps_data *wps, struct wpabuf *msg) wps->auth_type = WPS_AUTH_WPAPSK; else if (wps->auth_type & WPS_AUTH_OPEN) wps->auth_type = WPS_AUTH_OPEN; - else if (wps->auth_type & WPS_AUTH_SHARED) - wps->auth_type = WPS_AUTH_SHARED; else { wpa_printf(MSG_DEBUG, "WPS: Unsupported auth_type 0x%x", wps->auth_type); @@ -1620,10 +1618,12 @@ int wps_build_cred(struct wps_data *wps, struct wpabuf *msg) return -1; } } else { - if (wps->encr_type & WPS_ENCR_WEP) - wps->encr_type = WPS_ENCR_WEP; - else if (wps->encr_type & WPS_ENCR_NONE) + if (wps->encr_type & WPS_ENCR_NONE) wps->encr_type = WPS_ENCR_NONE; +#ifdef CONFIG_TESTING_OPTIONS + else if (wps->encr_type & WPS_ENCR_WEP) + wps->encr_type = WPS_ENCR_WEP; +#endif /* CONFIG_TESTING_OPTIONS */ else { wpa_printf(MSG_DEBUG, "WPS: No suitable encryption " "type for non-WPA/WPA2 mode"); diff --git a/wpa_supplicant/README-WPS b/wpa_supplicant/README-WPS index a33b0f06..b884f67a 100644 --- a/wpa_supplicant/README-WPS +++ b/wpa_supplicant/README-WPS @@ -381,17 +381,6 @@ UUID|BSSID argument is included, this is a request to build the handover message for the specified AP when wpa_supplicant is operating as a WPS ER. -"nfc_rx_handover_req <hexdump of payload>" is used to indicate receipt -of NFC connection handover request. The payload may include multiple -carriers the the applicable ones are matched based on the media -type. The reply data is contents for the Handover Select Message -(hexdump). - -"nfc_rx_handover_sel <hexdump of payload>" is used to indicate receipt -of NFC connection handover select. The payload may include multiple -carriers the the applicable ones are matched based on the media -type. - "nfc_report_handover <INIT/RESP> WPS <carrier from handover request> <carrier from handover select>" can be used as an alternative way for reporting completed NFC connection handover. The first parameter diff --git a/wpa_supplicant/ap.c b/wpa_supplicant/ap.c index e7d59de9..b02c424f 100644 --- a/wpa_supplicant/ap.c +++ b/wpa_supplicant/ap.c @@ -48,6 +48,7 @@ static void wpas_conf_ap_vht(struct wpa_supplicant *wpa_s, struct hostapd_config *conf, struct hostapd_hw_modes *mode) { +#ifdef CONFIG_P2P u8 center_chan = 0; u8 channel = conf->channel; @@ -66,6 +67,10 @@ static void wpas_conf_ap_vht(struct wpa_supplicant *wpa_s, no_vht: conf->vht_oper_centr_freq_seg0_idx = channel + conf->secondary_channel * 2; +#else /* CONFIG_P2P */ + conf->vht_oper_centr_freq_seg0_idx = + conf->channel + conf->secondary_channel * 2; +#endif /* CONFIG_P2P */ } #endif /* CONFIG_IEEE80211N */ diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c index 13c08308..f50154e1 100644 --- a/wpa_supplicant/ctrl_iface.c +++ b/wpa_supplicant/ctrl_iface.c @@ -1094,33 +1094,6 @@ static int wpas_ctrl_nfc_get_handover_sel(struct wpa_supplicant *wpa_s, } -static int wpas_ctrl_nfc_rx_handover_sel(struct wpa_supplicant *wpa_s, - char *cmd) -{ - size_t len; - struct wpabuf *buf; - int ret; - - len = os_strlen(cmd); - if (len & 0x01) - return -1; - len /= 2; - - buf = wpabuf_alloc(len); - if (buf == NULL) - return -1; - if (hexstr2bin(cmd, wpabuf_put(buf, len), len) < 0) { - wpabuf_free(buf); - return -1; - } - - ret = wpas_wps_nfc_rx_handover_sel(wpa_s, buf); - wpabuf_free(buf); - - return ret; -} - - static int wpas_ctrl_nfc_report_handover(struct wpa_supplicant *wpa_s, char *cmd) { @@ -3819,6 +3792,7 @@ static int wpa_supplicant_ctrl_iface_bss_flush( } +#ifdef CONFIG_TESTING_OPTIONS static void wpa_supplicant_ctrl_iface_drop_sa(struct wpa_supplicant *wpa_s) { wpa_printf(MSG_DEBUG, "Dropping SA without deauthentication"); @@ -3840,6 +3814,7 @@ static void wpa_supplicant_ctrl_iface_drop_sa(struct wpa_supplicant *wpa_s) MLME_SETPROTECTION_KEY_TYPE_PAIRWISE); wpa_sm_drop_sa(wpa_s->wpa); } +#endif /* CONFIG_TESTING_OPTIONS */ static int wpa_supplicant_ctrl_iface_roam(struct wpa_supplicant *wpa_s, @@ -5594,6 +5569,7 @@ static void wpa_supplicant_ctrl_iface_flush(struct wpa_supplicant *wpa_s) wpa_dbg(wpa_s, MSG_DEBUG, "Flush all wpa_supplicant state"); #ifdef CONFIG_P2P + wpas_p2p_cancel(wpa_s); wpas_p2p_stop_find(wpa_s); p2p_ctrl_flush(wpa_s); wpas_p2p_group_remove(wpa_s, "*"); @@ -6069,8 +6045,7 @@ char * wpa_supplicant_ctrl_iface_process(struct wpa_supplicant *wpa_s, os_strlen(WPA_CTRL_RSP)) == 0 ? WPA_CTRL_RSP : "SET_NETWORK"); } else if (os_strncmp(buf, "WPS_NFC_TAG_READ", 16) == 0 || - os_strncmp(buf, "NFC_REPORT_HANDOVER", 19) == 0 || - os_strncmp(buf, "NFC_RX_HANDOVER_SEL", 19) == 0) { + os_strncmp(buf, "NFC_REPORT_HANDOVER", 19) == 0) { wpa_hexdump_ascii_key(MSG_DEBUG, "RX ctrl_iface", (const u8 *) buf, os_strlen(buf)); } else { @@ -6208,9 +6183,6 @@ char * wpa_supplicant_ctrl_iface_process(struct wpa_supplicant *wpa_s, } else if (os_strncmp(buf, "NFC_GET_HANDOVER_SEL ", 21) == 0) { reply_len = wpas_ctrl_nfc_get_handover_sel( wpa_s, buf + 21, reply, reply_size); - } else if (os_strncmp(buf, "NFC_RX_HANDOVER_SEL ", 20) == 0) { - if (wpas_ctrl_nfc_rx_handover_sel(wpa_s, buf + 20)) - reply_len = -1; } else if (os_strncmp(buf, "NFC_REPORT_HANDOVER ", 20) == 0) { if (wpas_ctrl_nfc_report_handover(wpa_s, buf + 20)) reply_len = -1; @@ -6540,8 +6512,10 @@ char * wpa_supplicant_ctrl_iface_process(struct wpa_supplicant *wpa_s, wpas_notify_suspend(wpa_s->global); } else if (os_strcmp(buf, "RESUME") == 0) { wpas_notify_resume(wpa_s->global); +#ifdef CONFIG_TESTING_OPTIONS } else if (os_strcmp(buf, "DROP_SA") == 0) { wpa_supplicant_ctrl_iface_drop_sa(wpa_s); +#endif /* CONFIG_TESTING_OPTIONS */ } else if (os_strncmp(buf, "ROAM ", 5) == 0) { if (wpa_supplicant_ctrl_iface_roam(wpa_s, buf + 5)) reply_len = -1; diff --git a/wpa_supplicant/dbus/dbus_new.c b/wpa_supplicant/dbus/dbus_new.c index a0653f07..aab22250 100644 --- a/wpa_supplicant/dbus/dbus_new.c +++ b/wpa_supplicant/dbus/dbus_new.c @@ -709,9 +709,9 @@ void wpas_dbus_signal_wps_cred(struct wpa_supplicant *wpa_s, DBusMessage *msg; DBusMessageIter iter, dict_iter; struct wpas_dbus_priv *iface; - char *auth_type[6]; /* we have six possible authorization types */ + char *auth_type[5]; /* we have five possible authentication types */ int at_num = 0; - char *encr_type[4]; /* we have four possible encryption types */ + char *encr_type[3]; /* we have three possible encryption types */ int et_num = 0; iface = wpa_s->global->dbus; @@ -734,20 +734,15 @@ void wpas_dbus_signal_wps_cred(struct wpa_supplicant *wpa_s, auth_type[at_num++] = "open"; if (cred->auth_type & WPS_AUTH_WPAPSK) auth_type[at_num++] = "wpa-psk"; - if (cred->auth_type & WPS_AUTH_SHARED) - auth_type[at_num++] = "shared"; if (cred->auth_type & WPS_AUTH_WPA) auth_type[at_num++] = "wpa-eap"; if (cred->auth_type & WPS_AUTH_WPA2) auth_type[at_num++] = "wpa2-eap"; if (cred->auth_type & WPS_AUTH_WPA2PSK) - auth_type[at_num++] = - "wpa2-psk"; + auth_type[at_num++] = "wpa2-psk"; if (cred->encr_type & WPS_ENCR_NONE) encr_type[et_num++] = "none"; - if (cred->encr_type & WPS_ENCR_WEP) - encr_type[et_num++] = "wep"; if (cred->encr_type & WPS_ENCR_TKIP) encr_type[et_num++] = "tkip"; if (cred->encr_type & WPS_ENCR_AES) diff --git a/wpa_supplicant/p2p_supplicant.c b/wpa_supplicant/p2p_supplicant.c index 303b7feb..49b2cd28 100644 --- a/wpa_supplicant/p2p_supplicant.c +++ b/wpa_supplicant/p2p_supplicant.c @@ -823,6 +823,7 @@ static void wpas_group_formation_completed(struct wpa_supplicant *wpa_s, wpa_s->global->p2p_group_formation = NULL; wpa_s->p2p_in_provisioning = 0; } + wpa_s->p2p_in_invitation = 0; if (!success) { wpa_msg_global(wpa_s->parent, MSG_INFO, @@ -6480,6 +6481,11 @@ int wpas_p2p_cancel(struct wpa_supplicant *wpa_s) wpas_p2p_group_delete(wpa_s, P2P_GROUP_REMOVAL_REQUESTED); break; + } else if (wpa_s->p2p_in_invitation) { + wpa_printf(MSG_DEBUG, "P2P: Interface %s in invitation found - cancelling", + wpa_s->ifname); + found = 1; + wpas_p2p_group_formation_failed(wpa_s); } } @@ -6669,6 +6675,7 @@ void wpas_p2p_notify_ap_sta_authorized(struct wpa_supplicant *wpa_s, wpa_s->p2p_go_group_formation_completed = 1; wpa_s->global->p2p_group_formation = NULL; wpa_s->p2p_in_provisioning = 0; + wpa_s->p2p_in_invitation = 0; } wpa_s->global->p2p_go_wait_client.sec = 0; if (addr == NULL) diff --git a/wpa_supplicant/wnm_sta.c b/wpa_supplicant/wnm_sta.c index 7db6eb69..1ca4c71f 100644 --- a/wpa_supplicant/wnm_sta.c +++ b/wpa_supplicant/wnm_sta.c @@ -235,16 +235,20 @@ static void ieee802_11_rx_wnmsleep_resp(struct wpa_supplicant *wpa_s, const u8 *frm, int len) { /* - * Action [1] | Diaglog Token [1] | Key Data Len [2] | Key Data | + * Action [1] | Dialog Token [1] | Key Data Len [2] | Key Data | * WNM-Sleep Mode IE | TFS Response IE */ u8 *pos = (u8 *) frm; /* point to payload after the action field */ - u16 key_len_total = le_to_host16(*((u16 *)(frm+2))); + u16 key_len_total; struct wnm_sleep_element *wnmsleep_ie = NULL; /* multiple TFS Resp IE (assuming consecutive) */ u8 *tfsresp_ie_start = NULL; u8 *tfsresp_ie_end = NULL; + if (len < 3) + return; + key_len_total = WPA_GET_LE16(frm + 1); + wpa_printf(MSG_DEBUG, "WNM-Sleep Mode Response token=%u key_len_total=%d", frm[0], key_len_total); pos += 3 + key_len_total; @@ -315,6 +319,7 @@ void wnm_deallocate_memory(struct wpa_supplicant *wpa_s) os_free(wpa_s->wnm_neighbor_report_elements[i].mul_bssid); } + wpa_s->wnm_num_neighbor_report = 0; os_free(wpa_s->wnm_neighbor_report_elements); wpa_s->wnm_neighbor_report_elements = NULL; } diff --git a/wpa_supplicant/wpa_cli.c b/wpa_supplicant/wpa_cli.c index 83817f99..28e186ea 100644 --- a/wpa_supplicant/wpa_cli.c +++ b/wpa_supplicant/wpa_cli.c @@ -842,32 +842,6 @@ static int wpa_cli_cmd_nfc_get_handover_sel(struct wpa_ctrl *ctrl, int argc, } -static int wpa_cli_cmd_nfc_rx_handover_sel(struct wpa_ctrl *ctrl, int argc, - char *argv[]) -{ - int ret; - char *buf; - size_t buflen; - - if (argc != 1) { - printf("Invalid 'nfc_rx_handover_sel' command - one argument " - "is required.\n"); - return -1; - } - - buflen = 21 + os_strlen(argv[0]); - buf = os_malloc(buflen); - if (buf == NULL) - return -1; - os_snprintf(buf, buflen, "NFC_RX_HANDOVER_SEL %s", argv[0]); - - ret = wpa_ctrl_command(ctrl, buf); - os_free(buf); - - return ret; -} - - static int wpa_cli_cmd_nfc_report_handover(struct wpa_ctrl *ctrl, int argc, char *argv[]) { @@ -1738,10 +1712,12 @@ static int wpa_cli_cmd_resume(struct wpa_ctrl *ctrl, int argc, char *argv[]) } +#ifdef CONFIG_TESTING_OPTIONS static int wpa_cli_cmd_drop_sa(struct wpa_ctrl *ctrl, int argc, char *argv[]) { return wpa_ctrl_command(ctrl, "DROP_SA"); } +#endif /* CONFIG_TESTING_OPTIONS */ static int wpa_cli_cmd_roam(struct wpa_ctrl *ctrl, int argc, char *argv[]) @@ -2702,9 +2678,6 @@ static struct wpa_cli_cmd wpa_cli_commands[] = { { "nfc_get_handover_sel", wpa_cli_cmd_nfc_get_handover_sel, NULL, cli_cmd_flag_none, "<NDEF> <WPS> = create NFC handover select" }, - { "nfc_rx_handover_sel", wpa_cli_cmd_nfc_rx_handover_sel, NULL, - cli_cmd_flag_none, - "<hexdump of payload> = report received NFC handover select" }, { "nfc_report_handover", wpa_cli_cmd_nfc_report_handover, NULL, cli_cmd_flag_none, "<role> <type> <hexdump of req> <hexdump of sel> = report completed " @@ -2768,8 +2741,10 @@ static struct wpa_cli_cmd wpa_cli_commands[] = { "= notification of suspend/hibernate" }, { "resume", wpa_cli_cmd_resume, NULL, cli_cmd_flag_none, "= notification of resume/thaw" }, +#ifdef CONFIG_TESTING_OPTIONS { "drop_sa", wpa_cli_cmd_drop_sa, NULL, cli_cmd_flag_none, "= drop SA without deauth/disassoc (test command)" }, +#endif /* CONFIG_TESTING_OPTIONS */ { "roam", wpa_cli_cmd_roam, wpa_cli_complete_bss, cli_cmd_flag_none, "<addr> = roam to the specified BSS" }, diff --git a/wpa_supplicant/wps_supplicant.c b/wpa_supplicant/wps_supplicant.c index dfcc0693..22b8e71a 100644 --- a/wpa_supplicant/wps_supplicant.c +++ b/wpa_supplicant/wps_supplicant.c @@ -278,7 +278,6 @@ static int wpa_supplicant_wps_cred(void *ctx, { struct wpa_supplicant *wpa_s = ctx; struct wpa_ssid *ssid = wpa_s->current_ssid; - u8 key_idx = 0; u16 auth_type; #ifdef CONFIG_WPS_REG_DISABLE_OPEN int registrar = 0; @@ -324,7 +323,6 @@ static int wpa_supplicant_wps_cred(void *ctx, } if (auth_type != WPS_AUTH_OPEN && - auth_type != WPS_AUTH_SHARED && auth_type != WPS_AUTH_WPAPSK && auth_type != WPS_AUTH_WPA2PSK) { wpa_printf(MSG_DEBUG, "WPS: Ignored credentials for " @@ -387,38 +385,6 @@ static int wpa_supplicant_wps_cred(void *ctx, switch (cred->encr_type) { case WPS_ENCR_NONE: break; - case WPS_ENCR_WEP: - if (cred->key_len <= 0) - break; - if (cred->key_len != 5 && cred->key_len != 13 && - cred->key_len != 10 && cred->key_len != 26) { - wpa_printf(MSG_ERROR, "WPS: Invalid WEP Key length " - "%lu", (unsigned long) cred->key_len); - return -1; - } - if (cred->key_idx > NUM_WEP_KEYS) { - wpa_printf(MSG_ERROR, "WPS: Invalid WEP Key index %d", - cred->key_idx); - return -1; - } - if (cred->key_idx) - key_idx = cred->key_idx - 1; - if (cred->key_len == 10 || cred->key_len == 26) { - if (hexstr2bin((char *) cred->key, - ssid->wep_key[key_idx], - cred->key_len / 2) < 0) { - wpa_printf(MSG_ERROR, "WPS: Invalid WEP Key " - "%d", key_idx); - return -1; - } - ssid->wep_key_len[key_idx] = cred->key_len / 2; - } else { - os_memcpy(ssid->wep_key[key_idx], cred->key, - cred->key_len); - ssid->wep_key_len[key_idx] = cred->key_len; - } - ssid->wep_tx_keyidx = key_idx; - break; case WPS_ENCR_TKIP: ssid->pairwise_cipher = WPA_CIPHER_TKIP; break; @@ -443,11 +409,6 @@ static int wpa_supplicant_wps_cred(void *ctx, } #endif /* CONFIG_WPS_REG_DISABLE_OPEN */ break; - case WPS_AUTH_SHARED: - ssid->auth_alg = WPA_AUTH_ALG_SHARED; - ssid->key_mgmt = WPA_KEY_MGMT_NONE; - ssid->proto = 0; - break; case WPS_AUTH_WPAPSK: ssid->auth_alg = WPA_AUTH_ALG_OPEN; ssid->key_mgmt = WPA_KEY_MGMT_PSK; @@ -1920,8 +1881,10 @@ int wpas_wps_er_config(struct wpa_supplicant *wpa_s, const char *uuid, if (os_strcmp(settings->encr, "NONE") == 0) cred.encr_type = WPS_ENCR_NONE; +#ifdef CONFIG_TESTING_OPTIONS else if (os_strcmp(settings->encr, "WEP") == 0) cred.encr_type = WPS_ENCR_WEP; +#endif /* CONFIG_TESTING_OPTIONS */ else if (os_strcmp(settings->encr, "TKIP") == 0) cred.encr_type = WPS_ENCR_TKIP; else if (os_strcmp(settings->encr, "CCMP") == 0) @@ -2399,8 +2362,8 @@ struct wpabuf * wpas_wps_nfc_handover_sel(struct wpa_supplicant *wpa_s, } -int wpas_wps_nfc_rx_handover_sel(struct wpa_supplicant *wpa_s, - const struct wpabuf *data) +static int wpas_wps_nfc_rx_handover_sel(struct wpa_supplicant *wpa_s, + const struct wpabuf *data) { struct wpabuf *wps; int ret = -1; diff --git a/wpa_supplicant/wps_supplicant.h b/wpa_supplicant/wps_supplicant.h index 39df2fb3..2263512c 100644 --- a/wpa_supplicant/wps_supplicant.h +++ b/wpa_supplicant/wps_supplicant.h @@ -75,8 +75,6 @@ struct wpabuf * wpas_wps_nfc_handover_req(struct wpa_supplicant *wpa_s, int ndef); struct wpabuf * wpas_wps_nfc_handover_sel(struct wpa_supplicant *wpa_s, int ndef, int cr, const char *uuid); -int wpas_wps_nfc_rx_handover_sel(struct wpa_supplicant *wpa_s, - const struct wpabuf *data); int wpas_wps_nfc_report_handover(struct wpa_supplicant *wpa_s, const struct wpabuf *req, const struct wpabuf *sel); |