Diffstat (limited to 'src')
60 files changed, 503 insertions, 221 deletions
diff --git a/src/ap/Makefile b/src/ap/Makefile index adfd3dfd..98788fef 100644 --- a/src/ap/Makefile +++ b/src/ap/Makefile @@ -1,8 +1,67 @@ -all: - @echo Nothing to be made. +all: libap.a clean: - rm -f *~ *.o *.d *.gcno *.gcda *.gcov + rm -f *~ *.o *.d *.gcno *.gcda *.gcov libap.a install: @echo Nothing to be made. + +include ../lib.rules + +CFLAGS += -DHOSTAPD +CFLAGS += -DNEED_AP_MLME +CFLAGS += -DCONFIG_HS20 +CFLAGS += -DCONFIG_INTERWORKING +CFLAGS += -DCONFIG_IEEE80211R +CFLAGS += -DCONFIG_IEEE80211W +CFLAGS += -DCONFIG_WPS +CFLAGS += -DCONFIG_PROXYARP +CFLAGS += -DCONFIG_IAPP + +LIB_OBJS= \ + accounting.o \ + ap_config.o \ + ap_drv_ops.o \ + ap_list.o \ + ap_mlme.o \ + authsrv.o \ + beacon.o \ + bss_load.o \ + ctrl_iface_ap.o \ + dfs.o \ + dhcp_snoop.o \ + drv_callbacks.o \ + eap_user_db.o \ + gas_serv.o \ + hostapd.o \ + hs20.o \ + hw_features.o \ + iapp.o \ + ieee802_11_auth.o \ + ieee802_11.o \ + ieee802_11_ht.o \ + ieee802_11_shared.o \ + ieee802_11_vht.o \ + ieee802_1x.o \ + ndisc_snoop.o \ + p2p_hostapd.o \ + peerkey_auth.o \ + pmksa_cache_auth.o \ + preauth_auth.o \ + sta_info.o \ + tkip_countermeasures.o \ + utils.o \ + vlan_init.o \ + wmm.o \ + wnm_ap.o \ + wpa_auth.o \ + wpa_auth_ft.o \ + wpa_auth_glue.o \ + wpa_auth_ie.o \ + wps_hostapd.o \ + x_snoop.o + +libap.a: $(LIB_OBJS) + $(AR) crT $@ $? + +-include $(OBJS:%.o=%.d) diff --git a/src/ap/ap_config.h b/src/ap/ap_config.h index 00d52408..7b4a7eaa 100644 --- a/src/ap/ap_config.h +++ b/src/ap/ap_config.h @@ -12,6 +12,7 @@ #include "common/defs.h" #include "ip_addr.h" #include "common/wpa_common.h" +#include "common/ieee802_11_defs.h" #include "common/ieee802_11_common.h" #include "wps/wps.h" @@ -57,8 +58,6 @@ struct hostapd_radius_servers; struct ft_remote_r0kh; struct ft_remote_r1kh; -#define HOSTAPD_MAX_SSID_LEN 32 - #define NUM_WEP_KEYS 4 struct hostapd_wep_keys { u8 idx; 
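Review bot: The last added line of src/ap/Makefile pulls in dependency files for `$(OBJS)`, but the only object list this Makefile defines is `LIB_OBJS`. Unless `../lib.rules` sets `OBJS`, the `.d` files are never read, so a header change (for example to `SSID_MAX_LEN`) would not rebuild the objects that go into `libap.a`. The line should probably read `-include $(LIB_OBJS:%.o=%.d)`. The same line appears in the new src/common/Makefile for `libcommon.a`.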
@@ -78,7 +77,7 @@ typedef enum hostap_security_policy { } secpolicy; struct hostapd_ssid { - u8 ssid[HOSTAPD_MAX_SSID_LEN]; + u8 ssid[SSID_MAX_LEN]; size_t ssid_len; unsigned int ssid_set:1; unsigned int utf8_ssid:1; @@ -511,7 +510,7 @@ struct hostapd_bss_config { char file[256]; } *hs20_icons; size_t hs20_icons_count; - u8 osu_ssid[HOSTAPD_MAX_SSID_LEN]; + u8 osu_ssid[SSID_MAX_LEN]; size_t osu_ssid_len; struct hs20_osu_provider { unsigned int friendly_name_count; diff --git a/src/ap/ap_list.c b/src/ap/ap_list.c index 04a56a95..78a1f7c3 100644 --- a/src/ap/ap_list.c +++ b/src/ap/ap_list.c @@ -193,14 +193,14 @@ void ap_list_process_beacon(struct hostapd_iface *iface, elems->supp_rates, elems->supp_rates_len, elems->ext_supp_rates, elems->ext_supp_rates_len); - if (elems->erp_info && elems->erp_info_len == 1) + if (elems->erp_info) ap->erp = elems->erp_info[0]; else ap->erp = -1; - if (elems->ds_params && elems->ds_params_len == 1) + if (elems->ds_params) ap->channel = elems->ds_params[0]; - else if (elems->ht_operation && elems->ht_operation_len >= 1) + else if (elems->ht_operation) ap->channel = elems->ht_operation[0]; else if (fi) ap->channel = fi->channel; diff --git a/src/ap/beacon.c b/src/ap/beacon.c index e575b65c..70098559 100644 --- a/src/ap/beacon.c +++ b/src/ap/beacon.c @@ -360,7 +360,6 @@ static u8 * hostapd_add_csa_elems(struct hostapd_data *hapd, u8 *pos, static u8 * hostapd_gen_probe_resp(struct hostapd_data *hapd, - struct sta_info *sta, const struct ieee80211_mgmt *req, int is_p2p, size_t *resp_len) { @@ -402,7 +401,7 @@ static u8 * hostapd_gen_probe_resp(struct hostapd_data *hapd, /* hardware or low-level driver will setup seq_ctrl and timestamp */ resp->u.probe_resp.capab_info = - host_to_le16(hostapd_own_capab_info(hapd, sta, 1)); + host_to_le16(hostapd_own_capab_info(hapd)); pos = resp->u.probe_resp.variable; *pos++ = WLAN_EID_SSID; 
@@ -548,7 +547,6 @@ void handle_probe_req(struct hostapd_data *hapd, struct ieee802_11_elems elems; const u8 *ie; size_t ie_len; - struct sta_info *sta = NULL; size_t i, resp_len; int noack; enum ssid_match_result res; @@ -590,7 +588,7 @@ void handle_probe_req(struct hostapd_data *hapd, * is less likely to see them (Probe Request frame sent on a * neighboring, but partially overlapping, channel). */ - if (elems.ds_params && elems.ds_params_len == 1 && + if (elems.ds_params && hapd->iface->current_mode && (hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G || hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211B) && @@ -635,8 +633,6 @@ void handle_probe_req(struct hostapd_data *hapd, return; } - sta = ap_get_sta(hapd, mgmt->sa); - #ifdef CONFIG_P2P if ((hapd->conf->p2p & P2P_GROUP_OWNER) && elems.ssid_len == P2P_WILDCARD_SSID_LEN && @@ -649,10 +645,7 @@ void handle_probe_req(struct hostapd_data *hapd, res = ssid_match(hapd, elems.ssid, elems.ssid_len, elems.ssid_list, elems.ssid_list_len); - if (res != NO_SSID_MATCH) { - if (sta) - sta->ssid_probe = &hapd->conf->ssid; - } else { + if (res == NO_SSID_MATCH) { if (!(mgmt->da[0] & 0x01)) { wpa_printf(MSG_MSGDUMP, "Probe Request from " MACSTR " for foreign SSID '%s' (DA " MACSTR ")%s", @@ -719,7 +712,7 @@ void handle_probe_req(struct hostapd_data *hapd, } #endif /* CONFIG_TESTING_OPTIONS */ - resp = hostapd_gen_probe_resp(hapd, sta, mgmt, elems.p2p != NULL, + resp = hostapd_gen_probe_resp(hapd, mgmt, elems.p2p != NULL, &resp_len); if (resp == NULL) return; @@ -774,7 +767,7 @@ static u8 * hostapd_probe_resp_offloads(struct hostapd_data *hapd, "this"); /* Generate a Probe Response template for the non-P2P case */ - return hostapd_gen_probe_resp(hapd, NULL, NULL, 0, resp_len); + return hostapd_gen_probe_resp(hapd, NULL, 0, resp_len); } #endif /* NEED_AP_MLME */ 
@@ -833,7 +826,7 @@ int ieee802_11_build_ap_params(struct hostapd_data *hapd, host_to_le16(hapd->iconf->beacon_int); /* hardware or low-level driver will setup seq_ctrl and timestamp */ - capab_info = hostapd_own_capab_info(hapd, NULL, 0); + capab_info = hostapd_own_capab_info(hapd); head->u.beacon.capab_info = host_to_le16(capab_info); pos = &head->u.beacon.variable[0]; diff --git a/src/ap/drv_callbacks.c b/src/ap/drv_callbacks.c index 507053ea..80e4c2e7 100644 --- a/src/ap/drv_callbacks.c +++ b/src/ap/drv_callbacks.c @@ -126,8 +126,6 @@ int hostapd_notif_assoc(struct hostapd_data *hapd, const u8 *addr, #ifdef CONFIG_IEEE80211N #ifdef NEED_AP_MLME if (elems.ht_capabilities && - elems.ht_capabilities_len >= - sizeof(struct ieee80211_ht_capabilities) && (hapd->iface->conf->ht_capab & HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)) { struct ieee80211_ht_capabilities *ht_cap = diff --git a/src/ap/hostapd.c b/src/ap/hostapd.c index 6cdb6d37..5abe5edd 100644 --- a/src/ap/hostapd.c +++ b/src/ap/hostapd.c @@ -862,7 +862,7 @@ hostapd_das_disconnect(void *ctx, struct radius_das_attrs *attr) static int hostapd_setup_bss(struct hostapd_data *hapd, int first) { struct hostapd_bss_config *conf = hapd->conf; - u8 ssid[HOSTAPD_MAX_SSID_LEN + 1]; + u8 ssid[SSID_MAX_LEN + 1]; int ssid_len, set_ssid; char force_ifname[IFNAMSIZ]; u8 if_addr[ETH_ALEN]; diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index 3601dfe3..5b265584 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -132,8 +132,7 @@ u8 * hostapd_eid_ext_supp_rates(struct hostapd_data *hapd, u8 *eid) } -u16 hostapd_own_capab_info(struct hostapd_data *hapd, struct sta_info *sta, - int probe) +u16 hostapd_own_capab_info(struct hostapd_data *hapd) { int capab = WLAN_CAPABILITY_ESS; int privacy; 
@@ -166,20 +165,6 @@ u16 hostapd_own_capab_info(struct hostapd_data *hapd, struct sta_info *sta, privacy = 1; #endif /* CONFIG_HS20 */ - if (sta) { - int policy, def_klen; - if (probe && sta->ssid_probe) { - policy = sta->ssid_probe->security_policy; - def_klen = sta->ssid_probe->wep.default_len; - } else { - policy = sta->ssid->security_policy; - def_klen = sta->ssid->wep.default_len; - } - privacy = policy != SECURITY_PLAINTEXT; - if (policy == SECURITY_IEEE_802_1X && def_klen == 0) - privacy = 0; - } - if (privacy) capab |= WLAN_CAPABILITY_PRIVACY; @@ -1297,8 +1282,7 @@ static u16 check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, if (resp != WLAN_STATUS_SUCCESS) return resp; #ifdef CONFIG_IEEE80211N - resp = copy_sta_ht_capab(hapd, sta, elems.ht_capabilities, - elems.ht_capabilities_len); + resp = copy_sta_ht_capab(hapd, sta, elems.ht_capabilities); if (resp != WLAN_STATUS_SUCCESS) return resp; if (hapd->iconf->ieee80211n && hapd->iconf->require_ht && @@ -1311,8 +1295,7 @@ static u16 check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, #endif /* CONFIG_IEEE80211N */ #ifdef CONFIG_IEEE80211AC - resp = copy_sta_vht_capab(hapd, sta, elems.vht_capabilities, - elems.vht_capabilities_len); + resp = copy_sta_vht_capab(hapd, sta, elems.vht_capabilities); if (resp != WLAN_STATUS_SUCCESS) return resp; @@ -1594,7 +1577,7 @@ static void send_assoc_resp(struct hostapd_data *hapd, struct sta_info *sta, send_len = IEEE80211_HDRLEN; send_len += sizeof(reply->u.assoc_resp); reply->u.assoc_resp.capab_info = - host_to_le16(hostapd_own_capab_info(hapd, sta, 0)); + host_to_le16(hostapd_own_capab_info(hapd)); reply->u.assoc_resp.status_code = host_to_le16(status_code); reply->u.assoc_resp.aid = host_to_le16(sta->aid | BIT(14) | BIT(15)); /* Supported rates */ 
@@ -2335,7 +2318,7 @@ static void hostapd_set_wds_encryption(struct hostapd_data *hapd, char *ifname_wds) { int i; - struct hostapd_ssid *ssid = sta->ssid; + struct hostapd_ssid *ssid = &hapd->conf->ssid; if (hapd->conf->ieee802_1x || hapd->conf->wpa) return; diff --git a/src/ap/ieee802_11.h b/src/ap/ieee802_11.h index 41c27d90..44c1bff3 100644 --- a/src/ap/ieee802_11.h +++ b/src/ap/ieee802_11.h @@ -14,6 +14,7 @@ struct hostapd_data; struct sta_info; struct hostapd_frame_info; struct ieee80211_ht_capabilities; +struct ieee80211_vht_capabilities; struct ieee80211_mgmt; int ieee802_11_mgmt(struct hostapd_data *hapd, const u8 *buf, size_t len, @@ -40,8 +41,7 @@ static inline int ieee802_11_get_mib_sta(struct hostapd_data *hapd, return 0; } #endif /* NEED_AP_MLME */ -u16 hostapd_own_capab_info(struct hostapd_data *hapd, struct sta_info *sta, - int probe); +u16 hostapd_own_capab_info(struct hostapd_data *hapd); void ap_ht2040_timeout(void *eloop_data, void *user_data); u8 * hostapd_eid_ext_capab(struct hostapd_data *hapd, u8 *eid); u8 * hostapd_eid_qos_map_set(struct hostapd_data *hapd, u8 *eid); @@ -62,7 +62,7 @@ void hostapd_get_vht_capab(struct hostapd_data *hapd, struct ieee80211_vht_capabilities *vht_cap, struct ieee80211_vht_capabilities *neg_vht_cap); u16 copy_sta_ht_capab(struct hostapd_data *hapd, struct sta_info *sta, - const u8 *ht_capab, size_t ht_capab_len); + const u8 *ht_capab); u16 copy_sta_vendor_vht(struct hostapd_data *hapd, struct sta_info *sta, const u8 *ie, size_t len); 
@@ -70,7 +70,7 @@ void update_ht_state(struct hostapd_data *hapd, struct sta_info *sta); void ht40_intolerant_add(struct hostapd_iface *iface, struct sta_info *sta); void ht40_intolerant_remove(struct hostapd_iface *iface, struct sta_info *sta); u16 copy_sta_vht_capab(struct hostapd_data *hapd, struct sta_info *sta, - const u8 *vht_capab, size_t vht_capab_len); + const u8 *vht_capab); u16 set_sta_vht_opmode(struct hostapd_data *hapd, struct sta_info *sta, const u8 *vht_opmode); void hostapd_tx_status(struct hostapd_data *hapd, const u8 *addr, diff --git a/src/ap/ieee802_11_ht.c b/src/ap/ieee802_11_ht.c index 9dad8e34..11fde2a2 100644 --- a/src/ap/ieee802_11_ht.c +++ b/src/ap/ieee802_11_ht.c @@ -310,7 +310,7 @@ void hostapd_2040_coex_action(struct hostapd_data *hapd, u16 copy_sta_ht_capab(struct hostapd_data *hapd, struct sta_info *sta, - const u8 *ht_capab, size_t ht_capab_len) + const u8 *ht_capab) { /* * Disable HT caps for STAs associated to no-HT BSSes, or for stations @@ -318,7 +318,6 @@ u16 copy_sta_ht_capab(struct hostapd_data *hapd, struct sta_info *sta, * frame. */ if (!ht_capab || - ht_capab_len < sizeof(struct ieee80211_ht_capabilities) || !(sta->flags & WLAN_STA_WMM) || hapd->conf->disable_11n) { sta->flags &= ~WLAN_STA_HT; os_free(sta->ht_capabilities); diff --git a/src/ap/ieee802_11_vht.c b/src/ap/ieee802_11_vht.c index 171538ad..5bf1b5d7 100644 --- a/src/ap/ieee802_11_vht.c +++ b/src/ap/ieee802_11_vht.c @@ -132,11 +132,10 @@ static int check_valid_vht_mcs(struct hostapd_hw_modes *mode, u16 copy_sta_vht_capab(struct hostapd_data *hapd, struct sta_info *sta, - const u8 *vht_capab, size_t vht_capab_len) + const u8 *vht_capab) { /* Disable VHT caps for STAs associated to no-VHT BSSes. */ if (!vht_capab || - vht_capab_len < sizeof(struct ieee80211_vht_capabilities) || hapd->conf->disable_11ac || !check_valid_vht_mcs(hapd->iface->current_mode, vht_capab)) { sta->flags &= ~WLAN_STA_VHT; 
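Review bot: With `ht_capab_len` dropped, `copy_sta_ht_capab()` in src/ap/ieee802_11_ht.c can no longer tell how many octets `ht_capab` points at, and nothing at the definition records that requirement. A comment above the function would state the contract for future callers, e.g. `/* ht_capab is NULL or points to at least sizeof(struct ieee80211_ht_capabilities) octets, as ensured by ieee802_11_parse_elems() */`. The same applies to `copy_sta_vht_capab()` in src/ap/ieee802_11_vht.c, where `check_valid_vht_mcs()` is handed the pointer with no length. Both function bodies continue outside their hunks.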
diff --git a/src/ap/ieee802_1x.c b/src/ap/ieee802_1x.c index f945efa7..863a5398 100644 --- a/src/ap/ieee802_1x.c +++ b/src/ap/ieee802_1x.c @@ -1652,7 +1652,7 @@ ieee802_1x_receive_auth(struct radius_msg *msg, struct radius_msg *req, switch (hdr->code) { case RADIUS_CODE_ACCESS_ACCEPT: - if (sta->ssid->dynamic_vlan == DYNAMIC_VLAN_DISABLED) + if (hapd->conf->ssid.dynamic_vlan == DYNAMIC_VLAN_DISABLED) vlan_id = 0; #ifndef CONFIG_NO_VLAN else @@ -1671,7 +1671,8 @@ ieee802_1x_receive_auth(struct radius_msg *msg, struct radius_msg *req, "Invalid VLAN ID %d received from RADIUS server", vlan_id); break; - } else if (sta->ssid->dynamic_vlan == DYNAMIC_VLAN_REQUIRED) { + } else if (hapd->conf->ssid.dynamic_vlan == + DYNAMIC_VLAN_REQUIRED) { sta->eapol_sm->authFail = TRUE; hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X, diff --git a/src/ap/sta_info.c b/src/ap/sta_info.c index 1576db95..20847d58 100644 --- a/src/ap/sta_info.c +++ b/src/ap/sta_info.c @@ -632,7 +632,6 @@ struct sta_info * ap_sta_add(struct hostapd_data *hapd, const u8 *addr) hapd->sta_list = sta; hapd->num_sta++; ap_sta_hash_add(hapd, sta); - sta->ssid = &hapd->conf->ssid; ap_sta_remove_in_other_bss(hapd, sta); sta->last_seq_ctrl = WLAN_INVALID_MGMT_SEQ; dl_list_init(&sta->ip6addr); @@ -790,10 +789,10 @@ int ap_sta_bind_vlan(struct hostapd_data *hapd, struct sta_info *sta) int old_vlanid = sta->vlan_id_bound; iface = hapd->conf->iface; - if (sta->ssid->vlan[0]) - iface = sta->ssid->vlan; + if (hapd->conf->ssid.vlan[0]) + iface = hapd->conf->ssid.vlan; - if (sta->ssid->dynamic_vlan == DYNAMIC_VLAN_DISABLED) + if (hapd->conf->ssid.dynamic_vlan == DYNAMIC_VLAN_DISABLED) sta->vlan_id = 0; else if (sta->vlan_id > 0) { struct hostapd_vlan *wildcard_vlan = NULL; 
@@ -839,7 +838,7 @@ int ap_sta_bind_vlan(struct hostapd_data *hapd, struct sta_info *sta) } iface = vlan->ifname; - if (vlan_setup_encryption_dyn(hapd, sta->ssid, iface) != 0) { + if (vlan_setup_encryption_dyn(hapd, iface) != 0) { hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_DEBUG, "could not " @@ -866,7 +865,7 @@ int ap_sta_bind_vlan(struct hostapd_data *hapd, struct sta_info *sta) * configuration for the case where hostapd did not yet know * which keys are to be used when the interface was added. */ - if (vlan_setup_encryption_dyn(hapd, sta->ssid, iface) != 0) { + if (vlan_setup_encryption_dyn(hapd, iface) != 0) { hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_DEBUG, "could not " diff --git a/src/ap/sta_info.h b/src/ap/sta_info.h index d192c71f..52a9997f 100644 --- a/src/ap/sta_info.h +++ b/src/ap/sta_info.h @@ -117,9 +117,6 @@ struct sta_info { struct wpa_state_machine *wpa_sm; struct rsn_preauth_interface *preauth_iface; - struct hostapd_ssid *ssid; /* SSID selection based on (Re)AssocReq */ - struct hostapd_ssid *ssid_probe; /* SSID selection based on ProbeReq */ - int vlan_id; /* 0: none, >0: VID */ int vlan_id_bound; /* updated by ap_sta_bind_vlan() */ /* PSKs from RADIUS authentication server */ diff --git a/src/ap/vlan_init.c b/src/ap/vlan_init.c index c57c0629..baabbe33 100644 --- a/src/ap/vlan_init.c +++ b/src/ap/vlan_init.c @@ -784,8 +784,7 @@ static void full_dynamic_vlan_deinit(struct full_dynamic_vlan *priv) #endif /* CONFIG_FULL_DYNAMIC_VLAN */ -int vlan_setup_encryption_dyn(struct hostapd_data *hapd, - struct hostapd_ssid *mssid, const char *dyn_vlan) +int vlan_setup_encryption_dyn(struct hostapd_data *hapd, const char *dyn_vlan) { int i; 
@@ -795,10 +794,11 @@ int vlan_setup_encryption_dyn(struct hostapd_data *hapd, /* Static WEP keys are set here; IEEE 802.1X and WPA uses their own * functions for setting up dynamic broadcast keys. */ for (i = 0; i < 4; i++) { - if (mssid->wep.key[i] && + if (hapd->conf->ssid.wep.key[i] && hostapd_drv_set_key(dyn_vlan, hapd, WPA_ALG_WEP, NULL, i, - i == mssid->wep.idx, NULL, 0, - mssid->wep.key[i], mssid->wep.len[i])) + i == hapd->conf->ssid.wep.idx, NULL, 0, + hapd->conf->ssid.wep.key[i], + hapd->conf->ssid.wep.len[i])) { wpa_printf(MSG_ERROR, "VLAN: Could not set WEP " "encryption for dynamic VLAN"); diff --git a/src/ap/vlan_init.h b/src/ap/vlan_init.h index 781eaac4..fc39443e 100644 --- a/src/ap/vlan_init.h +++ b/src/ap/vlan_init.h @@ -18,7 +18,6 @@ struct hostapd_vlan * vlan_add_dynamic(struct hostapd_data *hapd, int vlan_id); int vlan_remove_dynamic(struct hostapd_data *hapd, int vlan_id); int vlan_setup_encryption_dyn(struct hostapd_data *hapd, - struct hostapd_ssid *mssid, const char *dyn_vlan); #else /* CONFIG_NO_VLAN */ static inline int vlan_init(struct hostapd_data *hapd) @@ -43,7 +42,6 @@ static inline int vlan_remove_dynamic(struct hostapd_data *hapd, int vlan_id) } static inline int vlan_setup_encryption_dyn(struct hostapd_data *hapd, - struct hostapd_ssid *mssid, const char *dyn_vlan) { return -1; diff --git a/src/ap/wpa_auth.h b/src/ap/wpa_auth.h index 11e745eb..e7478064 100644 --- a/src/ap/wpa_auth.h +++ b/src/ap/wpa_auth.h @@ -12,6 +12,7 @@ #include "common/defs.h" #include "common/eapol_common.h" #include "common/wpa_common.h" +#include "common/ieee802_11_defs.h" #ifdef _MSC_VER #pragma pack(push, 1) @@ -146,8 +147,7 @@ struct wpa_auth_config { int group_mgmt_cipher; #endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_IEEE80211R -#define SSID_LEN 32 - u8 ssid[SSID_LEN]; + u8 ssid[SSID_MAX_LEN]; size_t ssid_len; u8 mobility_domain[MOBILITY_DOMAIN_ID_LEN]; u8 r0_key_holder[FT_R0KH_ID_MAX_LEN]; 
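Review bot: Style: the rewritten condition in `vlan_setup_encryption_dyn()` spells out `hapd->conf->ssid.wep` four times, which is what pushes the `hostapd_drv_set_key()` call onto an extra line. A local pointer declared next to `int i;`, for example `struct hostapd_wep_keys *wep = &hapd->conf->ssid.wep;` (assuming that is the type of the `wep` member), would keep the call as short as it was with `mssid`. The loop bound `4` in the context line could also become `NUM_WEP_KEYS`, which src/ap/ap_config.h defines, if that header is visible in this file. The function starts in the previous hunk and continues past this one.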
diff --git a/src/ap/wpa_auth_ft.c b/src/ap/wpa_auth_ft.c index ef3249a3..eeaffbf6 100644 --- a/src/ap/wpa_auth_ft.c +++ b/src/ap/wpa_auth_ft.c @@ -534,10 +534,8 @@ static u8 * wpa_ft_process_rdie(struct wpa_state_machine *sm, return pos; } -#ifdef NEED_AP_MLME - if (parse.wmm_tspec && sm->wpa_auth->conf.ap_mlme) { + if (parse.wmm_tspec) { struct wmm_tspec_element *tspec; - int res; if (parse.wmm_tspec_len + 2 < (int) sizeof(*tspec)) { wpa_printf(MSG_DEBUG, "FT: Too short WMM TSPEC IE " @@ -555,7 +553,13 @@ static u8 * wpa_ft_process_rdie(struct wpa_state_machine *sm, } tspec = (struct wmm_tspec_element *) pos; os_memcpy(tspec, parse.wmm_tspec - 2, sizeof(*tspec)); - res = wmm_process_tspec(tspec); + } + +#ifdef NEED_AP_MLME + if (parse.wmm_tspec && sm->wpa_auth->conf.ap_mlme) { + int res; + + res = wmm_process_tspec((struct wmm_tspec_element *) pos); wpa_printf(MSG_DEBUG, "FT: ADDTS processing result: %d", res); if (res == WMM_ADDTS_STATUS_INVALID_PARAMETERS) rdie->status_code = @@ -566,20 +570,17 @@ static u8 * wpa_ft_process_rdie(struct wpa_state_machine *sm, else { /* TSPEC accepted; include updated TSPEC in response */ rdie->descr_count = 1; - pos += sizeof(*tspec); + pos += sizeof(struct wmm_tspec_element); } return pos; } #endif /* NEED_AP_MLME */ if (parse.wmm_tspec && !sm->wpa_auth->conf.ap_mlme) { - struct wmm_tspec_element *tspec; int res; - tspec = (struct wmm_tspec_element *) pos; - os_memcpy(tspec, parse.wmm_tspec - 2, sizeof(*tspec)); res = wpa_ft_add_tspec(sm->wpa_auth, sm->addr, pos, - sizeof(*tspec)); + sizeof(struct wmm_tspec_element)); if (res >= 0) { if (res) rdie->status_code = host_to_le16(res); @@ -587,7 +588,7 @@ static u8 * wpa_ft_process_rdie(struct wpa_state_machine *sm, /* TSPEC accepted; include updated TSPEC in * response */ rdie->descr_count = 1; - pos += sizeof(*tspec); + pos += sizeof(struct wmm_tspec_element); } return pos; } diff --git a/src/ap/wpa_auth_glue.c b/src/ap/wpa_auth_glue.c index d417a72d..7cd0b6cf 100644 
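Review bot: The TSPEC length and room checks in `wpa_ft_process_rdie()` now sit in a shared `if (parse.wmm_tspec)` block, and both later branches read the element back through `pos` with no local sign that it was validated and copied there. A short comment on the shared block would stop a later edit from reintroducing an unchecked copy in one branch, e.g. `/* Validate and copy the TSPEC once; the NEED_AP_MLME and driver-based paths below both consume it from pos */`. The function starts and ends outside these hunks.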
--- a/src/ap/wpa_auth_glue.c +++ b/src/ap/wpa_auth_glue.c @@ -54,8 +54,8 @@ static void hostapd_wpa_auth_conf(struct hostapd_bss_config *conf, #endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_IEEE80211R wconf->ssid_len = conf->ssid.ssid_len; - if (wconf->ssid_len > SSID_LEN) - wconf->ssid_len = SSID_LEN; + if (wconf->ssid_len > SSID_MAX_LEN) + wconf->ssid_len = SSID_MAX_LEN; os_memcpy(wconf->ssid, conf->ssid.ssid, wconf->ssid_len); os_memcpy(wconf->mobility_domain, conf->mobility_domain, MOBILITY_DOMAIN_ID_LEN); diff --git a/src/ap/wps_hostapd.c b/src/ap/wps_hostapd.c index 7e748291..68eaeca1 100644 --- a/src/ap/wps_hostapd.c +++ b/src/ap/wps_hostapd.c @@ -324,7 +324,7 @@ static int hapd_wps_reconfig_in_memory(struct hostapd_data *hapd, wpa_printf(MSG_DEBUG, "WPS: Updating in-memory configuration"); bss->wps_state = 2; - if (cred->ssid_len <= HOSTAPD_MAX_SSID_LEN) { + if (cred->ssid_len <= SSID_MAX_LEN) { os_memcpy(bss->ssid.ssid, cred->ssid, cred->ssid_len); bss->ssid.ssid_len = cred->ssid_len; bss->ssid.ssid_set = 1; diff --git a/src/common/Makefile b/src/common/Makefile index adfd3dfd..e7036308 100644 --- a/src/common/Makefile +++ b/src/common/Makefile @@ -1,8 +1,28 @@ -all: - @echo Nothing to be made. +all: libcommon.a clean: - rm -f *~ *.o *.d *.gcno *.gcda *.gcov + rm -f *~ *.o *.d *.gcno *.gcda *.gcov libcommon.a install: @echo Nothing to be made. + +include ../lib.rules + +CFLAGS += -DCONFIG_IEEE80211R +CFLAGS += -DCONFIG_IEEE80211W +CFLAGS += -DCONFIG_HS20 +CFLAGS += -DCONFIG_SAE +CFLAGS += -DCONFIG_SUITE +CFLAGS += -DCONFIG_SUITEB + +LIB_OBJS= \ + gas.o \ + hw_features_common.o \ + ieee802_11_common.o \ + sae.o \ + wpa_common.o + +libcommon.a: $(LIB_OBJS) + $(AR) crT $@ $? + +-include $(OBJS:%.o=%.d) diff --git a/src/common/hw_features_common.c b/src/common/hw_features_common.c index 8d83de65..e61f8242 100644 --- a/src/common/hw_features_common.c +++ b/src/common/hw_features_common.c 
@@ -152,8 +152,7 @@ void get_pri_sec_chan(struct wpa_scan_res *bss, int *pri_chan, int *sec_chan) *pri_chan = *sec_chan = 0; ieee802_11_parse_elems((u8 *) (bss + 1), bss->ie_len, &elems, 0); - if (elems.ht_operation && - elems.ht_operation_len >= sizeof(*oper)) { + if (elems.ht_operation) { oper = (struct ieee80211_ht_operation *) elems.ht_operation; *pri_chan = oper->primary_chan; if (oper->ht_param & HT_INFO_HT_PARAM_STA_CHNL_WIDTH) { @@ -253,8 +252,7 @@ int check_20mhz_bss(struct wpa_scan_res *bss, int pri_freq, int start, int end) return 1; } - if (elems.ht_operation && - elems.ht_operation_len >= sizeof(*oper)) { + if (elems.ht_operation) { oper = (struct ieee80211_ht_operation *) elems.ht_operation; if (oper->ht_param & HT_INFO_HT_PARAM_SECONDARY_CHNL_OFF_MASK) return 0; @@ -335,9 +333,7 @@ int check_40mhz_2g4(struct hostapd_hw_modes *mode, ieee802_11_parse_elems((u8 *) (bss + 1), bss->ie_len, &elems, 0); - if (elems.ht_capabilities && - elems.ht_capabilities_len >= - sizeof(struct ieee80211_ht_capabilities)) { + if (elems.ht_capabilities) { struct ieee80211_ht_capabilities *ht_cap = (struct ieee80211_ht_capabilities *) elems.ht_capabilities; diff --git a/src/common/ieee802_11_common.c b/src/common/ieee802_11_common.c index aca0b732..7843e6fe 100644 --- a/src/common/ieee802_11_common.c +++ b/src/common/ieee802_11_common.c @@ -1,6 +1,6 @@ /* * IEEE 802.11 Common routines - * Copyright (c) 2002-2013, Jouni Malinen <j@w1.fi> + * Copyright (c) 2002-2015, Jouni Malinen <j@w1.fi> * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -10,6 +10,7 @@ #include "common.h" #include "defs.h" +#include "wpa_common.h" #include "ieee802_11_defs.h" #include "ieee802_11_common.h" 
@@ -196,6 +197,12 @@ ParseRes ieee802_11_parse_elems(const u8 *start, size_t len, switch (id) { case WLAN_EID_SSID: + if (elen > SSID_MAX_LEN) { + wpa_printf(MSG_DEBUG, + "Ignored too long SSID element (elen=%u)", + elen); + break; + } elems->ssid = pos; elems->ssid_len = elen; break; @@ -204,8 +211,9 @@ ParseRes ieee802_11_parse_elems(const u8 *start, size_t len, elems->supp_rates_len = elen; break; case WLAN_EID_DS_PARAMS: + if (elen < 1) + break; elems->ds_params = pos; - elems->ds_params_len = elen; break; case WLAN_EID_CF_PARAMS: case WLAN_EID_TIM: @@ -215,8 +223,9 @@ ParseRes ieee802_11_parse_elems(const u8 *start, size_t len, elems->challenge_len = elen; break; case WLAN_EID_ERP_INFO: + if (elen < 1) + break; elems->erp_info = pos; - elems->erp_info_len = elen; break; case WLAN_EID_EXT_SUPP_RATES: elems->ext_supp_rates = pos; @@ -239,24 +248,31 @@ ParseRes ieee802_11_parse_elems(const u8 *start, size_t len, elems->supp_channels_len = elen; break; case WLAN_EID_MOBILITY_DOMAIN: + if (elen < sizeof(struct rsn_mdie)) + break; elems->mdie = pos; elems->mdie_len = elen; break; case WLAN_EID_FAST_BSS_TRANSITION: + if (elen < sizeof(struct rsn_ftie)) + break; elems->ftie = pos; elems->ftie_len = elen; break; case WLAN_EID_TIMEOUT_INTERVAL: + if (elen != 5) + break; elems->timeout_int = pos; - elems->timeout_int_len = elen; break; case WLAN_EID_HT_CAP: + if (elen < sizeof(struct ieee80211_ht_capabilities)) + break; elems->ht_capabilities = pos; - elems->ht_capabilities_len = elen; break; case WLAN_EID_HT_OPERATION: + if (elen < sizeof(struct ieee80211_ht_operation)) + break; elems->ht_operation = pos; - elems->ht_operation_len = elen; break; case WLAN_EID_MESH_CONFIG: elems->mesh_config = pos; 
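Review bot: The new guards for `WLAN_EID_DS_PARAMS` and `WLAN_EID_ERP_INFO` in `ieee802_11_parse_elems()` reject only `elen < 1`, while the caller checks this commit removes in src/ap/ap_list.c and src/ap/beacon.c required the length to be exactly 1. An over-long element from a received frame is therefore now accepted and its first octet used as the channel or ERP value, where it used to be ignored. If the exact-length behaviour is wanted, use `if (elen != 1) break;` in both cases, as the `WLAN_EID_VHT_OPERATING_MODE_NOTIFICATION` case visible in the next hunk of this file does. If the relaxation is deliberate, a comment saying so would help.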
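Review bot: The `WLAN_EID_TIMEOUT_INTERVAL` guard uses a bare `5` (`if (elen != 5) break;`), and the same literal is repeated in `wpa_ft_parse_ies()` in src/common/wpa_common.c (`if (pos[1] != 5)`). The neighbouring cases express their bound as `sizeof(struct ...)`, so this fixed length deserves a name shared by both parsers, for instance a new define next to `SSID_MAX_LEN` with a comment giving the element layout. Unlike the too-long SSID case, the length rejections added in this hunk are silent. A `MSG_DEBUG` line would make dropped elements visible when a malformed frame is being investigated.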
@@ -271,12 +287,14 @@ ParseRes ieee802_11_parse_elems(const u8 *start, size_t len, elems->peer_mgmt_len = elen; break; case WLAN_EID_VHT_CAP: + if (elen < sizeof(struct ieee80211_vht_capabilities)) + break; elems->vht_capabilities = pos; - elems->vht_capabilities_len = elen; break; case WLAN_EID_VHT_OPERATION: + if (elen < sizeof(struct ieee80211_vht_operation)) + break; elems->vht_operation = pos; - elems->vht_operation_len = elen; break; case WLAN_EID_VHT_OPERATING_MODE_NOTIFICATION: if (elen != 1) diff --git a/src/common/ieee802_11_common.h b/src/common/ieee802_11_common.h index 7f0b296d..c84d8a74 100644 --- a/src/common/ieee802_11_common.h +++ b/src/common/ieee802_11_common.h @@ -51,9 +51,7 @@ struct ieee802_11_elems { u8 ssid_len; u8 supp_rates_len; - u8 ds_params_len; u8 challenge_len; - u8 erp_info_len; u8 ext_supp_rates_len; u8 wpa_ie_len; u8 rsn_ie_len; @@ -63,14 +61,9 @@ struct ieee802_11_elems { u8 supp_channels_len; u8 mdie_len; u8 ftie_len; - u8 timeout_int_len; - u8 ht_capabilities_len; - u8 ht_operation_len; u8 mesh_config_len; u8 mesh_id_len; u8 peer_mgmt_len; - u8 vht_capabilities_len; - u8 vht_operation_len; u8 vendor_ht_cap_len; u8 vendor_vht_len; u8 p2p_len; diff --git a/src/common/ieee802_11_defs.h b/src/common/ieee802_11_defs.h index 6e9c43cb..47b15dea 100644 --- a/src/common/ieee802_11_defs.h +++ b/src/common/ieee802_11_defs.h @@ -10,6 +10,8 @@ #ifndef IEEE802_11_DEFS_H #define IEEE802_11_DEFS_H +#include <utils/common.h> + /* IEEE 802.11 defines */ #define WLAN_FC_PVER 0x0003 @@ -1354,4 +1356,6 @@ struct rrm_link_measurement_report { u8 variable[0]; } STRUCT_PACKED; +#define SSID_MAX_LEN 32 + #endif /* IEEE802_11_DEFS_H */ diff --git a/src/common/privsep_commands.h b/src/common/privsep_commands.h index 4dc34c4a..c6a472d1 100644 --- a/src/common/privsep_commands.h +++ b/src/common/privsep_commands.h 
@@ -9,6 +9,8 @@ #ifndef PRIVSEP_COMMANDS_H #define PRIVSEP_COMMANDS_H +#include "common/ieee802_11_defs.h" + enum privsep_cmd { PRIVSEP_CMD_REGISTER, PRIVSEP_CMD_UNREGISTER, @@ -29,7 +31,7 @@ enum privsep_cmd { struct privsep_cmd_associate { u8 bssid[ETH_ALEN]; - u8 ssid[32]; + u8 ssid[SSID_MAX_LEN]; size_t ssid_len; int hwmode; int freq; diff --git a/src/common/qca-vendor.h b/src/common/qca-vendor.h index 5ff68178..e51f85f9 100644 --- a/src/common/qca-vendor.h +++ b/src/common/qca-vendor.h @@ -132,7 +132,7 @@ enum qca_nl80211_vendor_subcmds { QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_SET_KEY = 50, QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_ROAM_AUTH = 51, QCA_NL80211_VENDOR_SUBCMD_APFIND = 52, - /* 53 - reserved for QCA */ + /* 53 - reserved - was used by QCA, but not in use anymore */ QCA_NL80211_VENDOR_SUBCMD_DO_ACS = 54, QCA_NL80211_VENDOR_SUBCMD_GET_FEATURES = 55, QCA_NL80211_VENDOR_SUBCMD_DFS_OFFLOAD_CAC_STARTED = 56, @@ -142,6 +142,15 @@ enum qca_nl80211_vendor_subcmds { QCA_NL80211_VENDOR_SUBCMD_DFS_OFFLOAD_RADAR_DETECTED = 60, /* 61-90 - reserved for QCA */ QCA_NL80211_VENDOR_SUBCMD_DATA_OFFLOAD = 91, + QCA_NL80211_VENDOR_SUBCMD_OCB_SET_CONFIG = 92, + QCA_NL80211_VENDOR_SUBCMD_OCB_SET_UTC_TIME = 93, + QCA_NL80211_VENDOR_SUBCMD_OCB_START_TIMING_ADVERT = 94, + QCA_NL80211_VENDOR_SUBCMD_OCB_STOP_TIMING_ADVERT = 95, + QCA_NL80211_VENDOR_SUBCMD_OCB_GET_TSF_TIMER = 96, + QCA_NL80211_VENDOR_SUBCMD_DCC_GET_STATS = 97, + QCA_NL80211_VENDOR_SUBCMD_DCC_CLEAR_STATS = 98, + QCA_NL80211_VENDOR_SUBCMD_DCC_UPDATE_NDL = 99, + QCA_NL80211_VENDOR_SUBCMD_DCC_STATS_EVENT = 100, }; diff --git a/src/common/wpa_common.c b/src/common/wpa_common.c index 03689048..a0747b4b 100644 --- a/src/common/wpa_common.c +++ b/src/common/wpa_common.c @@ -356,6 +356,8 @@ int wpa_ft_parse_ies(const u8 *ies, size_t ies_len, parse->rsn_pmkid = data.pmkid; break; case WLAN_EID_MOBILITY_DOMAIN: + if (pos[1] < sizeof(struct rsn_mdie)) + return -1; parse->mdie = pos + 2; parse->mdie_len = pos[1]; break; 
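Review bot: In `wpa_ft_parse_ies()` a too-short Mobility Domain element now aborts the whole parse (`return -1;`), but the Timeout Interval check added in the next hunk of the same function skips a wrong-length element with `break;`. `ieee802_11_parse_elems()` also skips a short MDIE with `break;`. If the difference is intentional (for example, an FT frame with a malformed MDIE is unusable while a bad TIE is not), say so in a comment above the `WLAN_EID_MOBILITY_DOMAIN` check; otherwise pick one behaviour for both. The function starts and ends outside this hunk.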
@@ -368,6 +370,8 @@ int wpa_ft_parse_ies(const u8 *ies, size_t ies_len, return -1; break; case WLAN_EID_TIMEOUT_INTERVAL: + if (pos[1] != 5) + break; parse->tie = pos + 2; parse->tie_len = pos[1]; break; @@ -838,7 +842,7 @@ void wpa_derive_pmk_r0(const u8 *xxkey, size_t xxkey_len, const u8 *mdid, const u8 *r0kh_id, size_t r0kh_id_len, const u8 *s0kh_id, u8 *pmk_r0, u8 *pmk_r0_name) { - u8 buf[1 + WPA_MAX_SSID_LEN + MOBILITY_DOMAIN_ID_LEN + 1 + + u8 buf[1 + SSID_MAX_LEN + MOBILITY_DOMAIN_ID_LEN + 1 + FT_R0KH_ID_MAX_LEN + ETH_ALEN]; u8 *pos, r0_key_data[48], hash[32]; const u8 *addr[2]; @@ -852,7 +856,7 @@ void wpa_derive_pmk_r0(const u8 *xxkey, size_t xxkey_len, * PMK-R0 = L(R0-Key-Data, 0, 256) * PMK-R0Name-Salt = L(R0-Key-Data, 256, 128) */ - if (ssid_len > WPA_MAX_SSID_LEN || r0kh_id_len > FT_R0KH_ID_MAX_LEN) + if (ssid_len > SSID_MAX_LEN || r0kh_id_len > FT_R0KH_ID_MAX_LEN) return; pos = buf; *pos++ = ssid_len; diff --git a/src/common/wpa_common.h b/src/common/wpa_common.h index 091e317f..29c3503c 100644 --- a/src/common/wpa_common.h +++ b/src/common/wpa_common.h @@ -9,8 +9,6 @@ #ifndef WPA_COMMON_H #define WPA_COMMON_H -#define WPA_MAX_SSID_LEN 32 - /* IEEE 802.11i */ #define PMKID_LEN 16 #define PMK_LEN 32 @@ -308,7 +306,6 @@ struct wpa_igtk_kde { } STRUCT_PACKED; #endif /* CONFIG_IEEE80211W */ -#ifdef CONFIG_IEEE80211R struct rsn_mdie { u8 mobility_domain[MOBILITY_DOMAIN_ID_LEN]; u8 ft_capab; @@ -336,7 +333,6 @@ struct rsn_rdie { le16 status_code; } STRUCT_PACKED; -#endif /* CONFIG_IEEE80211R */ #ifdef _MSC_VER #pragma pack(pop) diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c index 935add5a..d3e9eb93 100644 --- a/src/crypto/tls_openssl.c +++ b/src/crypto/tls_openssl.c 
@@ -2703,8 +2703,7 @@ static int openssl_tls_prf(void *tls_ctx, struct tls_connection *conn, return -1; ssl = conn->ssl; if (ssl == NULL || ssl->s3 == NULL || ssl->session == NULL || - ssl->s3->client_random == NULL || ssl->s3->server_random == NULL || - ssl->session->master_key == NULL) + ssl->session->master_key_length <= 0) return -1; if (skip_keyblock) { diff --git a/src/drivers/driver.h b/src/drivers/driver.h index a52328c5..e4d0412a 100644 --- a/src/drivers/driver.h +++ b/src/drivers/driver.h @@ -20,6 +20,7 @@ #define WPA_SUPPLICANT_DRIVER_VERSION 4 #include "common/defs.h" +#include "common/ieee802_11_defs.h" #include "utils/list.h" #define HOSTAPD_CHAN_DISABLED 0x00000001 @@ -341,7 +342,7 @@ struct wpa_driver_scan_params { * is not needed anymore. */ struct wpa_driver_scan_filter { - u8 ssid[32]; + u8 ssid[SSID_MAX_LEN]; size_t ssid_len; } *filter_ssids; diff --git a/src/drivers/driver_hostap.h b/src/drivers/driver_hostap.h index a9d3e76c..4c1e6d69 100644 --- a/src/drivers/driver_hostap.h +++ b/src/drivers/driver_hostap.h @@ -192,7 +192,7 @@ struct prism2_hostapd_param { } mlme; struct { u8 ssid_len; - u8 ssid[32]; + u8 ssid[SSID_MAX_LEN]; } scan_req; } u; }; diff --git a/src/drivers/driver_ndis.c b/src/drivers/driver_ndis.c index 4953af6a..669f1b81 100644 --- a/src/drivers/driver_ndis.c +++ b/src/drivers/driver_ndis.c @@ -709,11 +709,11 @@ static int wpa_driver_ndis_radio_off(struct wpa_driver_ndis_data *drv) /* Disconnect by setting SSID to random (i.e., likely not used). */ static int wpa_driver_ndis_disconnect(struct wpa_driver_ndis_data *drv) { - char ssid[32]; + char ssid[SSID_MAX_LEN]; int i; - for (i = 0; i < 32; i++) + for (i = 0; i < SSID_MAX_LEN; i++) ssid[i] = rand() & 0xff; - return wpa_driver_ndis_set_ssid(drv, (u8 *) ssid, 32); + return wpa_driver_ndis_set_ssid(drv, (u8 *) ssid, SSID_MAX_LEN); } 
@@ -806,7 +806,7 @@ static struct wpa_scan_res * wpa_driver_ndis_add_scan_ssid( if (wpa_scan_get_ie(r, WLAN_EID_SSID)) return r; /* SSID IE already present */ - if (ssid->SsidLength == 0 || ssid->SsidLength > 32) + if (ssid->SsidLength == 0 || ssid->SsidLength > SSID_MAX_LEN) return r; /* No valid SSID inside scan data */ nr = os_realloc(r, sizeof(*r) + r->ie_len + 2 + ssid->SsidLength); diff --git a/src/drivers/driver_nl80211.h b/src/drivers/driver_nl80211.h index 64c4665d..b5071b4a 100644 --- a/src/drivers/driver_nl80211.h +++ b/src/drivers/driver_nl80211.h @@ -110,7 +110,7 @@ struct wpa_driver_nl80211_data { u8 bssid[ETH_ALEN]; u8 prev_bssid[ETH_ALEN]; int associated; - u8 ssid[32]; + u8 ssid[SSID_MAX_LEN]; size_t ssid_len; enum nl80211_iftype nlmode; enum nl80211_iftype ap_scan_as_station; @@ -169,7 +169,7 @@ struct wpa_driver_nl80211_data { /* From failed authentication command */ int auth_freq; u8 auth_bssid_[ETH_ALEN]; - u8 auth_ssid[32]; + u8 auth_ssid[SSID_MAX_LEN]; size_t auth_ssid_len; int auth_alg; u8 *auth_ie; diff --git a/src/drivers/driver_privsep.c b/src/drivers/driver_privsep.c index de23fbd2..26d2bab0 100644 --- a/src/drivers/driver_privsep.c +++ b/src/drivers/driver_privsep.c @@ -281,14 +281,15 @@ static int wpa_driver_privsep_get_ssid(void *priv, u8 *ssid) { struct wpa_driver_privsep_data *drv = priv; int res, ssid_len; - u8 reply[sizeof(int) + 32]; + u8 reply[sizeof(int) + SSID_MAX_LEN]; size_t len = sizeof(reply); res = wpa_priv_cmd(drv, PRIVSEP_CMD_GET_SSID, NULL, 0, reply, &len); if (res < 0 || len < sizeof(int)) return -1; os_memcpy(&ssid_len, reply, sizeof(int)); - if (ssid_len < 0 || ssid_len > 32 || sizeof(int) + ssid_len > len) { + if (ssid_len < 0 || ssid_len > SSID_MAX_LEN || + sizeof(int) + ssid_len > len) { wpa_printf(MSG_DEBUG, "privsep: Invalid get SSID reply"); return -1; } diff --git a/src/drivers/driver_wext.c b/src/drivers/driver_wext.c index 22e11840..01defdff 100644 --- a/src/drivers/driver_wext.c 
+++ b/src/drivers/driver_wext.c @@ -132,7 +132,7 @@ int wpa_driver_wext_get_ssid(void *priv, u8 *ssid) os_memset(&iwr, 0, sizeof(iwr)); os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ); iwr.u.essid.pointer = (caddr_t) ssid; - iwr.u.essid.length = 32; + iwr.u.essid.length = SSID_MAX_LEN; if (ioctl(drv->ioctl_sock, SIOCGIWESSID, &iwr) < 0) { wpa_printf(MSG_ERROR, "ioctl[SIOCGIWESSID]: %s", @@ -140,8 +140,8 @@ int wpa_driver_wext_get_ssid(void *priv, u8 *ssid) ret = -1; } else { ret = iwr.u.essid.length; - if (ret > 32) - ret = 32; + if (ret > SSID_MAX_LEN) + ret = SSID_MAX_LEN; /* Some drivers include nul termination in the SSID, so let's * remove it here before further processing. WE-21 changes this * to explicitly require the length _not_ to include nul @@ -169,7 +169,7 @@ int wpa_driver_wext_set_ssid(void *priv, const u8 *ssid, size_t ssid_len) int ret = 0; char buf[33]; - if (ssid_len > 32) + if (ssid_len > SSID_MAX_LEN) return -1; os_memset(&iwr, 0, sizeof(iwr)); @@ -1199,7 +1199,7 @@ struct wext_scan_data { struct wpa_scan_res res; u8 *ie; size_t ie_len; - u8 ssid[32]; + u8 ssid[SSID_MAX_LEN]; size_t ssid_len; int maxrate; }; @@ -1952,7 +1952,7 @@ static void wpa_driver_wext_disconnect(struct wpa_driver_wext_data *drv) { struct iwreq iwr; const u8 null_bssid[ETH_ALEN] = { 0, 0, 0, 0, 0, 0 }; - u8 ssid[32]; + u8 ssid[SSID_MAX_LEN]; int i; /* @@ -1994,9 +1994,9 @@ static void wpa_driver_wext_disconnect(struct wpa_driver_wext_data *drv) * SIOCSIWMLME commands (or tries to associate automatically * after deauth/disassoc). */ - for (i = 0; i < 32; i++) + for (i = 0; i < SSID_MAX_LEN; i++) ssid[i] = rand() & 0xFF; - if (wpa_driver_wext_set_ssid(drv, ssid, 32) < 0) { + if (wpa_driver_wext_set_ssid(drv, ssid, SSID_MAX_LEN) < 0) { wpa_printf(MSG_DEBUG, "WEXT: Failed to set bogus " "SSID to disconnect"); } diff --git a/src/eap_common/Makefile b/src/eap_common/Makefile index adfd3dfd..f00b438c 100644 --- a/src/eap_common/Makefile +++ b/src/eap_common/Makefile 
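Review bot: In wpa_driver_wext_set_ssid() the length check now reads `ssid_len > SSID_MAX_LEN`, but the local declared just above it in the same hunk is still `char buf[33];`. That buffer size is presumably the thing the check protects, although the copy into `buf` is outside the hunk. Tie the two together with `char buf[SSID_MAX_LEN + 1];` so the bound and the buffer cannot drift apart if the constant is ever changed.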
@@ -1,8 +1,31 @@ -all: - @echo Nothing to be made. +all: libeap_common.a clean: - rm -f *~ *.o *.d *.gcno *.gcda *.gcov + rm -f *~ *.o *.d *.gcno *.gcda *.gcov libeap_common.a install: @echo Nothing to be made. + +include ../lib.rules + +LIB_OBJS= \ + chap.o \ + eap_common.o \ + eap_eke_common.o \ + eap_eke_common.o \ + eap_fast_common.o \ + eap_gpsk_common.o \ + eap_ikev2_common.o \ + eap_pax_common.o \ + eap_peap_common.o \ + eap_psk_common.o \ + eap_pwd_common.o \ + eap_sake_common.o \ + eap_sim_common.o \ + eap_wsc_common.o \ + ikev2_common.o + +libeap_common.a: $(LIB_OBJS) + $(AR) crT $@ $? + +-include $(OBJS:%.o=%.d) diff --git a/src/eap_peer/Makefile b/src/eap_peer/Makefile index f79519b7..6531ccd5 100644 --- a/src/eap_peer/Makefile +++ b/src/eap_peer/Makefile @@ -1,11 +1,23 @@ -all: - @echo Nothing to be made. +all: libeap_peer.a clean: - rm -f *~ *.o *.so *.d *.gcno *.gcda *.gcov + rm -f *~ *.o *.so *.d *.gcno *.gcda *.gcov libeap_peer.a install: if ls *.so >/dev/null 2>&1; then \ install -d $(DESTDIR)$(LIBDIR)/wpa_supplicant && \ cp *.so $(DESTDIR)$(LIBDIR)/wpa_supplicant \ ; fi + +include ../lib.rules + +CFLAGS += -DIEEE8021X_EAPOL + +LIB_OBJS= \ + eap.o \ + eap_methods.o + +libeap_peer.a: $(LIB_OBJS) + $(AR) crT $@ $? + +-include $(OBJS:%.o=%.d) diff --git a/src/eap_server/Makefile b/src/eap_server/Makefile index adfd3dfd..1172b724 100644 --- a/src/eap_server/Makefile +++ b/src/eap_server/Makefile @@ -1,8 +1,21 @@ -all: - @echo Nothing to be made. +all: libeap_server.a clean: - rm -f *~ *.o *.d *.gcno *.gcda *.gcov + rm -f *~ *.o *.d *.gcno *.gcda *.gcov libeap_server.a install: @echo Nothing to be made. + +include ../lib.rules + +CFLAGS += -DCONFIG_HS20 + +LIB_OBJS= \ + eap_server.o \ + eap_server_identity.o \ + eap_server_methods.o + +libeap_server.a: $(LIB_OBJS) + $(AR) crT $@ $? + +-include $(OBJS:%.o=%.d) diff --git a/src/eapol_auth/Makefile b/src/eapol_auth/Makefile index adfd3dfd..7b927a12 100644 --- a/src/eapol_auth/Makefile 
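Review bot: `eap_eke_common.o` is listed twice in `LIB_OBJS` in src/eap_common/Makefile; the second entry looks like a copy-paste slip and should be removed, or replaced if another object was meant. The closing `-include $(OBJS:%.o=%.d)` expands `OBJS`, while the list defined here is `LIB_OBJS`. Unless ../lib.rules (not shown) sets `OBJS`, the generated .d files are never read and a header change will not rebuild the objects, so `-include $(LIB_OBJS:%.o=%.d)` is probably what is wanted. That matters for this commit in particular, because it moves buffer bounds such as `SSID_MAX_LEN` into shared headers and stale objects would keep the old sizes. The same `-include` line is repeated in the new eap_peer, eap_server, eapol_auth, eapol_supp, l2_packet, p2p, rsn_supp and wps Makefiles.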
+++ b/src/eapol_auth/Makefile @@ -1,8 +1,16 @@ -all: - @echo Nothing to be made. +all: libeapol_auth.a clean: - rm -f *~ *.o *.d *.gcno *.gcda *.gcov + rm -f *~ *.o *.d *.gcno *.gcda *.gcov libeapol_auth.a install: @echo Nothing to be made. + +include ../lib.rules + +LIB_OBJS = eapol_auth_sm.o eapol_auth_dump.o + +libeapol_auth.a: $(LIB_OBJS) + $(AR) crT $@ $? + +-include $(OBJS:%.o=%.d) diff --git a/src/eapol_supp/Makefile b/src/eapol_supp/Makefile index adfd3dfd..80db9d48 100644 --- a/src/eapol_supp/Makefile +++ b/src/eapol_supp/Makefile @@ -1,8 +1,18 @@ -all: - @echo Nothing to be made. +all: libeapol_supp.a clean: - rm -f *~ *.o *.d *.gcno *.gcda *.gcov + rm -f *~ *.o *.d *.gcno *.gcda *.gcov libeapol_supp.a install: @echo Nothing to be made. + +include ../lib.rules + +CFLAGS += -DIEEE8021X_EAPOL + +LIB_OBJS = eapol_supp_sm.o + +libeapol_supp.a: $(LIB_OBJS) + $(AR) crT $@ $? + +-include $(OBJS:%.o=%.d) diff --git a/src/l2_packet/Makefile b/src/l2_packet/Makefile index adfd3dfd..47925b79 100644 --- a/src/l2_packet/Makefile +++ b/src/l2_packet/Makefile @@ -1,8 +1,16 @@ -all: - @echo Nothing to be made. +all: libl2_packet.a clean: - rm -f *~ *.o *.d *.gcno *.gcda *.gcov + rm -f *~ *.o *.d *.gcno *.gcda *.gcov libl2_packet.a install: @echo Nothing to be made. + +include ../lib.rules + +LIB_OBJS = l2_packet_linux.o + +libl2_packet.a: $(LIB_OBJS) + $(AR) crT $@ $? + +-include $(OBJS:%.o=%.d) diff --git a/src/p2p/Makefile b/src/p2p/Makefile index adfd3dfd..5587fcf2 100644 --- a/src/p2p/Makefile +++ b/src/p2p/Makefile 
@@ -1,8 +1,29 @@ -all: - @echo Nothing to be made. +all: libp2p.a clean: - rm -f *~ *.o *.d *.gcno *.gcda *.gcov + rm -f *~ *.o *.d *.gcno *.gcda *.gcov libp2p.a install: @echo Nothing to be made. + +include ../lib.rules + +CFLAGS += -DCONFIG_WIFI_DISPLAY +CFLAGS += -DCONFIG_WPS_NFC + +LIB_OBJS= \ + p2p_build.o \ + p2p.o \ + p2p_dev_disc.o \ + p2p_go_neg.o \ + p2p_group.o \ + p2p_invitation.o \ + p2p_parse.o \ + p2p_pd.o \ + p2p_sd.o \ + p2p_utils.o + +libp2p.a: $(LIB_OBJS) + $(AR) crT $@ $? + +-include $(OBJS:%.o=%.d) diff --git a/src/p2p/p2p.h b/src/p2p/p2p.h index 2e5c3dc7..da2446df 100644 --- a/src/p2p/p2p.h +++ b/src/p2p/p2p.h @@ -9,7 +9,8 @@ #ifndef P2P_H #define P2P_H -#include "wps/wps_defs.h" +#include "common/ieee802_11_defs.h" +#include "wps/wps.h" /* P2P ASP Setup Capability */ #define P2PS_SETUP_NONE 0 @@ -95,7 +96,7 @@ struct p2p_go_neg_results { /** * ssid - SSID of the group */ - u8 ssid[32]; + u8 ssid[SSID_MAX_LEN]; /** * ssid_len - Length of SSID in octets @@ -268,27 +269,27 @@ struct p2p_peer_info { /** * device_name - Device Name (0..32 octets encoded in UTF-8) */ - char device_name[33]; + char device_name[WPS_DEV_NAME_MAX_LEN + 1]; /** * manufacturer - Manufacturer (0..64 octets encoded in UTF-8) */ - char manufacturer[65]; + char manufacturer[WPS_MANUFACTURER_MAX_LEN + 1]; /** * model_name - Model Name (0..32 octets encoded in UTF-8) */ - char model_name[33]; + char model_name[WPS_MODEL_NAME_MAX_LEN + 1]; /** * model_number - Model Number (0..32 octets encoded in UTF-8) */ - char model_number[33]; + char model_number[WPS_MODEL_NUMBER_MAX_LEN + 1]; /** * serial_number - Serial Number (0..32 octets encoded in UTF-8) */ - char serial_number[33]; + char serial_number[WPS_SERIAL_NUMBER_MAX_LEN + 1]; /** * level - Signal level 
@@ -316,7 +317,7 @@ struct p2p_peer_info { * This list includes from 0 to 16 Secondary Device Types as indicated * by wps_sec_dev_type_list_len (8 * number of types). */ - u8 wps_sec_dev_type_list[128]; + u8 wps_sec_dev_type_list[WPS_SEC_DEV_TYPE_MAX_LEN]; /** * wps_sec_dev_type_list_len - Length of secondary device type list @@ -495,7 +496,7 @@ struct p2p_config { * This data will be added to the end of the SSID after the * DIRECT-<random two octets> prefix. */ - u8 ssid_postfix[32 - 9]; + u8 ssid_postfix[SSID_MAX_LEN - 9]; /** * ssid_postfix_len - Length of the ssid_postfix data @@ -1607,7 +1608,7 @@ struct p2p_group_config { /** * ssid - Group SSID */ - u8 ssid[32]; + u8 ssid[SSID_MAX_LEN]; /** * ssid_len - Length of SSID @@ -2214,7 +2215,7 @@ struct p2p_nfc_params { size_t oob_dev_pw_len; int go_freq; u8 go_dev_addr[ETH_ALEN]; - u8 go_ssid[32]; + u8 go_ssid[SSID_MAX_LEN]; size_t go_ssid_len; }; diff --git a/src/p2p/p2p_i.h b/src/p2p/p2p_i.h index 6af19ced..289a62d3 100644 --- a/src/p2p/p2p_i.h +++ b/src/p2p/p2p_i.h @@ -71,7 +71,7 @@ struct p2p_device { char country[3]; struct p2p_channels channels; int oper_freq; - u8 oper_ssid[32]; + u8 oper_ssid[SSID_MAX_LEN]; size_t oper_ssid_len; /** @@ -322,7 +322,7 @@ struct p2p_data { /** * ssid - Selected SSID for GO Negotiation (if local end will be GO) */ - u8 ssid[32]; + u8 ssid[SSID_MAX_LEN]; /** * ssid_len - ssid length in octets @@ -403,7 +403,7 @@ struct p2p_data { enum p2p_invite_role inv_role; u8 inv_bssid[ETH_ALEN]; int inv_bssid_set; - u8 inv_ssid[32]; + u8 inv_ssid[SSID_MAX_LEN]; size_t inv_ssid_len; u8 inv_sa[ETH_ALEN]; u8 inv_group_bssid[ETH_ALEN]; @@ -578,7 +578,7 @@ struct p2p_message { const u8 *p2p_device_addr; const u8 *pri_dev_type; u8 num_sec_dev_types; - char device_name[33]; + char device_name[WPS_DEV_NAME_MAX_LEN + 1]; u16 config_methods; /* WPS IE */ diff --git a/src/p2p/p2p_invitation.c b/src/p2p/p2p_invitation.c index 558c6dd0..44a6bbfd 100644 --- a/src/p2p/p2p_invitation.c 
+++ b/src/p2p/p2p_invitation.c @@ -387,7 +387,7 @@ fail: } else p2p->inv_group_bssid_ptr = NULL; if (msg.group_id) { - if (msg.group_id_len - ETH_ALEN <= 32) { + if (msg.group_id_len - ETH_ALEN <= SSID_MAX_LEN) { os_memcpy(p2p->inv_ssid, msg.group_id + ETH_ALEN, msg.group_id_len - ETH_ALEN); p2p->inv_ssid_len = msg.group_id_len - ETH_ALEN; diff --git a/src/p2p/p2p_parse.c b/src/p2p/p2p_parse.c index fd6a4610..980dddf1 100644 --- a/src/p2p/p2p_parse.c +++ b/src/p2p/p2p_parse.c @@ -149,7 +149,8 @@ static int p2p_parse_attribute(u8 id, const u8 *data, u16 len, pos += 2; nlen = WPA_GET_BE16(pos); pos += 2; - if (data + len - pos < (int) nlen || nlen > 32) { + if (data + len - pos < (int) nlen || + nlen > WPS_DEV_NAME_MAX_LEN) { wpa_printf(MSG_DEBUG, "P2P: Invalid Device Name " "length %d (buf len %d)", (int) nlen, (int) (data + len - pos)); @@ -160,8 +161,7 @@ static int p2p_parse_attribute(u8 id, const u8 *data, u16 len, for (i = 0; i < nlen; i++) { if (msg->device_name[i] == '\0') break; - if (msg->device_name[i] > 0 && - msg->device_name[i] < 32) + if (is_ctrl_char(msg->device_name[i])) msg->device_name[i] = '_'; } wpa_printf(MSG_DEBUG, "P2P: * Device Info: addr " MACSTR @@ -203,7 +203,7 @@ static int p2p_parse_attribute(u8 id, const u8 *data, u16 len, MAC2STR(msg->group_bssid)); break; case P2P_ATTR_GROUP_ID: - if (len < ETH_ALEN || len > ETH_ALEN + 32) { + if (len < ETH_ALEN || len > ETH_ALEN + SSID_MAX_LEN) { wpa_printf(MSG_DEBUG, "P2P: Invalid P2P Group ID " "attribute length %d", len); return -1; @@ -371,9 +371,9 @@ static int p2p_parse_attribute(u8 id, const u8 *data, u16 len, break; case P2P_ATTR_PERSISTENT_GROUP: { - if (len < ETH_ALEN) { + if (len < ETH_ALEN || len > ETH_ALEN + SSID_MAX_LEN) { wpa_printf(MSG_DEBUG, - "P2P: Too short Persistent Group Info (length %u)", + "P2P: Invalid Persistent Group Info (length %u)", len); return -1; } 
@@ -516,7 +516,7 @@ int p2p_parse_ies(const u8 *data, size_t len, struct p2p_message *msg) struct ieee802_11_elems elems; ieee802_11_parse_elems(data, len, &elems, 0); - if (elems.ds_params && elems.ds_params_len >= 1) + if (elems.ds_params) msg->ds_params = elems.ds_params; if (elems.ssid) msg->ssid = elems.ssid - 2; @@ -674,8 +674,8 @@ int p2p_group_info_parse(const u8 *gi, size_t gi_len, t += 2; if (count > cend - t) return -1; /* invalid Device Name TLV */ - if (count >= 32) - count = 32; + if (count >= WPS_DEV_NAME_MAX_LEN) + count = WPS_DEV_NAME_MAX_LEN; cli->dev_name = (const char *) t; cli->dev_name_len = count; @@ -703,7 +703,7 @@ static int p2p_group_info_text(const u8 *gi, size_t gi_len, char *buf, for (i = 0; i < info.num_clients; i++) { struct p2p_client_info *cli; - char name[33]; + char name[WPS_DEV_NAME_MAX_LEN + 1]; char devtype[WPS_DEV_TYPE_BUFSIZE]; u8 s; int count; @@ -742,7 +742,7 @@ static int p2p_group_info_text(const u8 *gi, size_t gi_len, char *buf, name[cli->dev_name_len] = '\0'; count = (int) cli->dev_name_len - 1; while (count >= 0) { - if (name[count] > 0 && name[count] < 32) + if (is_ctrl_char(name[count])) name[count] = '_'; count--; } diff --git a/src/p2p/p2p_pd.c b/src/p2p/p2p_pd.c index 328b1e02..bc84269e 100644 --- a/src/p2p/p2p_pd.c +++ b/src/p2p/p2p_pd.c @@ -44,7 +44,7 @@ static void p2ps_add_new_group_info(struct p2p_data *p2p, struct wpabuf *buf) { int found; u8 intended_addr[ETH_ALEN]; - u8 ssid[32]; + u8 ssid[SSID_MAX_LEN]; size_t ssid_len; int group_iface; @@ -84,7 +84,7 @@ static void p2ps_add_pd_req_attrs(struct p2p_data *p2p, struct p2p_device *dev, struct p2ps_provision *prov = p2p->p2ps_prov; u8 feat_cap_mask[] = { 1, 0 }; int shared_group = 0; - u8 ssid[32]; + u8 ssid[SSID_MAX_LEN]; size_t ssid_len; u8 go_dev_addr[ETH_ALEN]; 
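Review bot: `if (elems.ds_params)` in p2p_parse_ies() no longer looks at `ds_params_len`, so the guarantee that one octet is readable behind the pointer now rests entirely on ieee802_11_parse_elems(). The parser change is not in this part of the diff, so confirm that it leaves `ds_params` NULL for a zero-length or over-long DS Parameter Set element. Record the dependency at the use site with a comment such as `/* parser sets ds_params only for a valid 1-octet element */`. The tdls.c hunks for copy_peer_ht_capab() and copy_peer_vht_capab() rely on the same kind of parser-side invariant.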
@@ -293,7 +293,7 @@ static struct wpabuf * p2p_build_prov_disc_resp(struct p2p_data *p2p, if (persist_ssid && p2p->cfg->get_persistent_group && (status == P2P_SC_SUCCESS || status == P2P_SC_SUCCESS_DEFERRED)) { - u8 ssid[32]; + u8 ssid[SSID_MAX_LEN]; size_t ssid_len; u8 go_dev_addr[ETH_ALEN]; diff --git a/src/radius/Makefile b/src/radius/Makefile index b5d063da..3ad4751d 100644 --- a/src/radius/Makefile +++ b/src/radius/Makefile @@ -14,6 +14,7 @@ CFLAGS += -DCONFIG_IPV6 LIB_OBJS= \ radius.o \ radius_client.o \ + radius_das.o \ radius_server.o libradius.a: $(LIB_OBJS) diff --git a/src/rsn_supp/Makefile b/src/rsn_supp/Makefile index adfd3dfd..d5e61fe7 100644 --- a/src/rsn_supp/Makefile +++ b/src/rsn_supp/Makefile @@ -1,8 +1,30 @@ -all: - @echo Nothing to be made. +all: librsn_supp.a clean: - rm -f *~ *.o *.d *.gcno *.gcda *.gcov + rm -f *~ *.o *.d *.gcno *.gcda *.gcov librsn_supp.a install: @echo Nothing to be made. + +include ../lib.rules + +CFLAGS += -DCONFIG_IEEE80211W +CFLAGS += -DCONFIG_IEEE80211R +CFLAGS += -DCONFIG_PEERKEY +CFLAGS += -DCONFIG_TDLS +CFLAGS += -DCONFIG_WNM +CFLAGS += -DIEEE8021X_EAPOL + +LIB_OBJS= \ + pmksa_cache.o \ + wpa_ft.o \ + peerkey.o \ + tdls.o \ + preauth.o \ + wpa.o \ + wpa_ie.o + +librsn_supp.a: $(LIB_OBJS) + $(AR) crT $@ $? + +-include $(OBJS:%.o=%.d) diff --git a/src/rsn_supp/tdls.c b/src/rsn_supp/tdls.c index c1d77491..6b1df711 100644 --- a/src/rsn_supp/tdls.c +++ b/src/rsn_supp/tdls.c @@ -1577,9 +1577,7 @@ static int copy_supp_rates(const struct wpa_eapol_ie_parse *kde, static int copy_peer_ht_capab(const struct wpa_eapol_ie_parse *kde, struct wpa_tdls_peer *peer) { - if (!kde->ht_capabilities || - kde->ht_capabilities_len < - sizeof(struct ieee80211_ht_capabilities) ) { + if (!kde->ht_capabilities) { wpa_printf(MSG_DEBUG, "TDLS: No supported ht capabilities " "received"); return 0; 
@@ -1605,9 +1603,7 @@ static int copy_peer_ht_capab(const struct wpa_eapol_ie_parse *kde, static int copy_peer_vht_capab(const struct wpa_eapol_ie_parse *kde, struct wpa_tdls_peer *peer) { - if (!kde->vht_capabilities || - kde->vht_capabilities_len < - sizeof(struct ieee80211_vht_capabilities) ) { + if (!kde->vht_capabilities) { wpa_printf(MSG_DEBUG, "TDLS: No supported vht capabilities " "received"); return 0; diff --git a/src/rsn_supp/wpa_ie.c b/src/rsn_supp/wpa_ie.c index 0d96216d..0c37b35c 100644 --- a/src/rsn_supp/wpa_ie.c +++ b/src/rsn_supp/wpa_ie.c @@ -511,12 +511,14 @@ int wpa_supplicant_parse_ies(const u8 *buf, size_t len, ie->rsn_ie_len = pos[1] + 2; wpa_hexdump(MSG_DEBUG, "WPA: RSN IE in EAPOL-Key", ie->rsn_ie, ie->rsn_ie_len); - } else if (*pos == WLAN_EID_MOBILITY_DOMAIN) { + } else if (*pos == WLAN_EID_MOBILITY_DOMAIN && + pos[1] >= sizeof(struct rsn_mdie)) { ie->mdie = pos; ie->mdie_len = pos[1] + 2; wpa_hexdump(MSG_DEBUG, "WPA: MDIE in EAPOL-Key", ie->mdie, ie->mdie_len); - } else if (*pos == WLAN_EID_FAST_BSS_TRANSITION) { + } else if (*pos == WLAN_EID_FAST_BSS_TRANSITION && + pos[1] >= sizeof(struct rsn_ftie)) { ie->ftie = pos; ie->ftie_len = pos[1] + 2; wpa_hexdump(MSG_DEBUG, "WPA: FTIE in EAPOL-Key", 
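Review bot: A Mobility Domain or FT element that is shorter than `sizeof(struct rsn_mdie)` / `sizeof(struct rsn_ftie)` is now skipped without any debug output, because the length test was folded into the `else if` condition in wpa_supplicant_parse_ies(). The truncated element then falls through the rest of the chain and `ie->mdie` / `ie->ftie` stay NULL, which later code cannot tell apart from a frame that never carried the element. Consider keeping the EID match on its own and logging the rejection inside it, e.g. `wpa_printf(MSG_DEBUG, "WPA: Ignore truncated MDIE in EAPOL-Key (len=%u)", pos[1]);`. The function body continues outside the hunk, so the final `else` branch is not visible here.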
@@ -551,15 +553,16 @@ int wpa_supplicant_parse_ies(const u8 *buf, size_t len, } else if (*pos == WLAN_EID_EXT_SUPP_RATES) { ie->ext_supp_rates = pos; ie->ext_supp_rates_len = pos[1] + 2; - } else if (*pos == WLAN_EID_HT_CAP) { + } else if (*pos == WLAN_EID_HT_CAP && + pos[1] >= sizeof(struct ieee80211_ht_capabilities)) { ie->ht_capabilities = pos + 2; - ie->ht_capabilities_len = pos[1]; } else if (*pos == WLAN_EID_VHT_AID) { if (pos[1] >= 2) ie->aid = WPA_GET_LE16(pos + 2) & 0x3fff; - } else if (*pos == WLAN_EID_VHT_CAP) { + } else if (*pos == WLAN_EID_VHT_CAP && + pos[1] >= sizeof(struct ieee80211_vht_capabilities)) + { ie->vht_capabilities = pos + 2; - ie->vht_capabilities_len = pos[1]; } else if (*pos == WLAN_EID_QOS && pos[1] >= 1) { ie->qosinfo = pos[2]; } else if (*pos == WLAN_EID_SUPPORTED_CHANNELS) { diff --git a/src/rsn_supp/wpa_ie.h b/src/rsn_supp/wpa_ie.h index 0fc42cc4..fe95af0a 100644 --- a/src/rsn_supp/wpa_ie.h +++ b/src/rsn_supp/wpa_ie.h @@ -50,9 +50,7 @@ struct wpa_eapol_ie_parse { const u8 *ext_supp_rates; size_t ext_supp_rates_len; const u8 *ht_capabilities; - size_t ht_capabilities_len; const u8 *vht_capabilities; - size_t vht_capabilities_len; const u8 *supp_channels; size_t supp_channels_len; const u8 *supp_oper_classes; diff --git a/src/utils/common.c b/src/utils/common.c index 0bdc38db..5cf0d571 100644 --- a/src/utils/common.c +++ b/src/utils/common.c @@ -8,6 +8,7 @@ #include "includes.h" +#include "common/ieee802_11_defs.h" #include "common.h" @@ -609,7 +610,7 @@ size_t printf_decode(u8 *buf, size_t maxlen, const char *str) */ const char * wpa_ssid_txt(const u8 *ssid, size_t ssid_len) { - static char ssid_txt[32 * 4 + 1]; + static char ssid_txt[SSID_MAX_LEN * 4 + 1]; if (ssid == NULL) { ssid_txt[0] = '\0'; @@ -1087,3 +1088,9 @@ size_t utf8_escape(const char *inp, size_t in_size, return res_size; } + + +int is_ctrl_char(char c) +{ + return c > 0 && c < 32; +} diff --git a/src/utils/common.h b/src/utils/common.h index a0eda4a2..88318f5d 100644 
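Review bot: With `ht_capabilities_len` and `vht_capabilities_len` removed from struct wpa_eapol_ie_parse, the header no longer tells a reader how many octets may be read behind `ht_capabilities` and `vht_capabilities`. The parser in wpa_ie.c now sets them only when the element carries at least `sizeof(struct ieee80211_ht_capabilities)` or `sizeof(struct ieee80211_vht_capabilities)` octets. State that next to the fields, e.g. `/* non-NULL only if >= sizeof(struct ieee80211_ht_capabilities) octets follow */`, and likewise for the VHT pointer. The struct definition starts and ends outside the hunk.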
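Review bot: is_ctrl_char() in src/utils/common.c is added without a comment, and its name promises more than `c > 0 && c < 32` delivers. NUL, DEL (0x7f) and every byte at or above 0x80 are reported as non-control, which is why wps_attr_text() in this same diff has to test `== 0` separately. Document the exact range above the definition, e.g. `/* is_ctrl_char - true for 0x01..0x1f only; NUL, DEL and bytes >= 0x80 return 0 */`. Since the callers use it to sanitise peer-supplied names before they reach logs and the control interface, it is worth deciding explicitly whether DEL should be replaced as well.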
--- a/src/utils/common.h +++ b/src/utils/common.h @@ -554,6 +554,7 @@ size_t utf8_escape(const char *inp, size_t in_size, char *outp, size_t out_size); size_t utf8_unescape(const char *inp, size_t in_size, char *outp, size_t out_size); +int is_ctrl_char(char c); /* diff --git a/src/utils/utils_module_tests.c b/src/utils/utils_module_tests.c index 4b97dadd..b2c7e08a 100644 --- a/src/utils/utils_module_tests.c +++ b/src/utils/utils_module_tests.c @@ -9,6 +9,7 @@ #include "utils/includes.h" #include "utils/common.h" +#include "common/ieee802_11_defs.h" #include "utils/bitfield.h" #include "utils/ext_password.h" #include "utils/trace.h" @@ -340,6 +341,9 @@ static int common_tests(void) u8 bin[3]; int errors = 0; struct wpa_freq_range_list ranges; + size_t len; + const char *txt; + u8 ssid[255]; wpa_printf(MSG_INFO, "common tests"); @@ -395,6 +399,16 @@ static int common_tests(void) if (utf8_escape("a", 0, buf, sizeof(buf)) != 1 || buf[0] != 'a') errors++; + os_memset(ssid, 0, sizeof(ssid)); + txt = wpa_ssid_txt(ssid, sizeof(ssid)); + len = os_strlen(txt); + /* Verify that SSID_MAX_LEN * 4 buffer limit is enforced. */ + if (len != SSID_MAX_LEN * 4) { + wpa_printf(MSG_ERROR, + "Unexpected wpa_ssid_txt() result with too long SSID"); + errors++; + } + if (errors) { wpa_printf(MSG_ERROR, "%d common test(s) failed", errors); return -1; diff --git a/src/wps/Makefile b/src/wps/Makefile index adfd3dfd..4806fe8d 100644 --- a/src/wps/Makefile +++ b/src/wps/Makefile 
@@ -1,8 +1,41 @@ -all: - @echo Nothing to be made. +all: libwps.a clean: - rm -f *~ *.o *.d *.gcno *.gcda *.gcov + rm -f *~ *.o *.d *.gcno *.gcda *.gcov libwps.a install: @echo Nothing to be made. + +include ../lib.rules + +CFLAGS += -DCONFIG_P2P +CFLAGS += -DCONFIG_WPS_OOB +CFLAGS += -DCONFIG_WPS_NFC + +LIB_OBJS= \ + http_client.o \ + httpread.o \ + http_server.o \ + ndef.o \ + upnp_xml.o \ + wps_attr_build.o \ + wps_attr_parse.o \ + wps_attr_process.o \ + wps.o \ + wps_common.o \ + wps_dev_attr.o \ + wps_enrollee.o \ + wps_er.o \ + wps_er_ssdp.o \ + wps_module_tests.o \ + wps_registrar.o \ + wps_upnp_ap.o \ + wps_upnp.o \ + wps_upnp_event.o \ + wps_upnp_ssdp.o \ + wps_upnp_web.o + +libwps.a: $(LIB_OBJS) + $(AR) crT $@ $? + +-include $(OBJS:%.o=%.d) diff --git a/src/wps/wps.c b/src/wps/wps.c index 2c68be8c..498f11f0 100644 --- a/src/wps/wps.c +++ b/src/wps/wps.c @@ -618,7 +618,8 @@ int wps_attr_text(struct wpabuf *data, char *buf, char *end) if (str == NULL) return pos - buf; for (i = 0; i < attr.dev_name_len; i++) { - if (attr.dev_name[i] < 32) + if (attr.dev_name[i] == 0 || + is_ctrl_char(attr.dev_name[i])) str[i] = '_'; else str[i] = attr.dev_name[i]; diff --git a/src/wps/wps.h b/src/wps/wps.h index 0a7f65df..c88aaa45 100644 --- a/src/wps/wps.h +++ b/src/wps/wps.h @@ -9,6 +9,7 @@ #ifndef WPS_H #define WPS_H +#include "common/ieee802_11_defs.h" #include "wps_defs.h" /** @@ -44,7 +45,7 @@ struct wps_parse_attr; * @cred_attr_len: Length of cred_attr in octets */ struct wps_credential { - u8 ssid[32]; + u8 ssid[SSID_MAX_LEN]; size_t ssid_len; u16 auth_type; u16 encr_type; @@ -623,7 +624,7 @@ struct wps_context { * Credentials. In addition, AP uses it when acting as an Enrollee to * notify Registrar of the current configuration. */ - u8 ssid[32]; + u8 ssid[SSID_MAX_LEN]; /** * ssid_len - Length of ssid in octets diff --git a/src/wps/wps_attr_parse.c b/src/wps/wps_attr_parse.c index 40bc1ad2..11a967ba 100644 --- a/src/wps/wps_attr_parse.c 
+++ b/src/wps/wps_attr_parse.c @@ -447,25 +447,55 @@ static int wps_set_attr(struct wps_parse_attr *attr, u16 type, break; case ATTR_MANUFACTURER: attr->manufacturer = pos; - attr->manufacturer_len = len; + if (len > WPS_MANUFACTURER_MAX_LEN) + attr->manufacturer_len = WPS_MANUFACTURER_MAX_LEN; + else + attr->manufacturer_len = len; break; case ATTR_MODEL_NAME: attr->model_name = pos; - attr->model_name_len = len; + if (len > WPS_MODEL_NAME_MAX_LEN) + attr->model_name_len = WPS_MODEL_NAME_MAX_LEN; + else + attr->model_name_len = len; break; case ATTR_MODEL_NUMBER: attr->model_number = pos; - attr->model_number_len = len; + if (len > WPS_MODEL_NUMBER_MAX_LEN) + attr->model_number_len = WPS_MODEL_NUMBER_MAX_LEN; + else + attr->model_number_len = len; break; case ATTR_SERIAL_NUMBER: attr->serial_number = pos; - attr->serial_number_len = len; + if (len > WPS_SERIAL_NUMBER_MAX_LEN) + attr->serial_number_len = WPS_SERIAL_NUMBER_MAX_LEN; + else + attr->serial_number_len = len; break; case ATTR_DEV_NAME: + if (len > WPS_DEV_NAME_MAX_LEN) { + wpa_printf(MSG_DEBUG, + "WPS: Ignore too long Device Name (len=%u)", + len); + break; + } attr->dev_name = pos; attr->dev_name_len = len; break; case ATTR_PUBLIC_KEY: + /* + * The Public Key attribute is supposed to be exactly 192 bytes + * in length. Allow couple of bytes shorter one to try to + * interoperate with implementations that do not use proper + * zero-padding. + */ + if (len < 190 || len > 192) { + wpa_printf(MSG_DEBUG, + "WPS: Ignore Public Key with unexpected length %u", + len); + break; + } attr->public_key = pos; attr->public_key_len = len; break; @@ -485,6 +515,11 @@ static int wps_set_attr(struct wps_parse_attr *attr, u16 type, attr->num_cred++; break; case ATTR_SSID: + if (len > SSID_MAX_LEN) { + wpa_printf(MSG_DEBUG, + "WPS: Ignore too long SSID (len=%u)", len); + break; + } attr->ssid = pos; attr->ssid_len = len; break; diff --git a/src/wps/wps_defs.h b/src/wps/wps_defs.h index 25cd14a0..43341559 100644 
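Review bot: The Manufacturer, Model Name, Model Number and Serial Number cases in wps_set_attr() clamp an over-long attribute silently, while the Device Name, Public Key and SSID cases in the same hunk ignore the attribute and log it. The two policies should either be unified or the difference explained in a comment, and the clamp should at least leave a trace, e.g. `wpa_printf(MSG_DEBUG, "WPS: Truncate too long Manufacturer (len=%u)", len);`. Cutting at a fixed octet count can also split a multi-octet UTF-8 sequence, and p2p.h describes these strings as UTF-8, so code that later prints them should not assume the result is well formed. The `190` and `192` in the Public Key check would read better as named constants. wps_set_attr() starts and ends outside the hunk.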
--- a/src/wps/wps_defs.h +++ b/src/wps/wps_defs.h @@ -41,6 +41,11 @@ extern int wps_corrupt_pkhash; #define WPS_OOB_DEVICE_PASSWORD_MIN_LEN 16 #define WPS_OOB_DEVICE_PASSWORD_LEN 32 #define WPS_OOB_PUBKEY_HASH_LEN 20 +#define WPS_DEV_NAME_MAX_LEN 32 +#define WPS_MANUFACTURER_MAX_LEN 64 +#define WPS_MODEL_NAME_MAX_LEN 32 +#define WPS_MODEL_NUMBER_MAX_LEN 32 +#define WPS_SERIAL_NUMBER_MAX_LEN 32 /* Attribute Types */ enum wps_attribute { |
