This makes it somewhat easier to use CONFIG_WPA_TRACE=y build with
external programs that might not be aware of the initialization
requirement, e.g., when linking wpa_ctrl.c with a program that does not
use the os_*() wrappers.
Signed-off-by: Jouni Malinen <j@w1.fi>
These were not supposed to include a newline at the end of the message
text since such formatting gets handled by tls_show_errors(). In
addition, change the message about the issuer's issuer to be more
accurate.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
If addition of a peer issuer certificate fails, the certs pointer would
be NULL when being passed to sk_X509_push() for peer issuer's issuer.
Fix this by skipping addition of issuer's issue if issuer addition
fails.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This define had been forgotten at some point in time and wpa_supplicant
compilation for Windows failed with some recently added code that
depended on this.
Signed-off-by: Jouni Malinen <j@w1.fi>
Addition of os_memcmp_const() in commit
afc3c8b07f had forgotten to include
common.h into os_win32.c to get u8 defined.
Signed-off-by: Jouni Malinen <j@w1.fi>
data.function needs to be set for the return value to be of any use and
strcmp won't work with NULL pointer either. (CID 99907)
Signed-off-by: Jouni Malinen <j@w1.fi>
In many applications it is useful not just to enumerate a group of well
known access points, but to use a address/mask notation to match an
entire set of addresses (ca:ff:ee:00:00:00/ff:ff:ff:00:00:00).
This change expands the data structures used by MAC lists to include a
mask indicating the significant (non-masked) portions of an address and
extends the list parser to recognize mask suffixes.
Signed-off-by: Stefan Tomanek <stefan.tomanek@wertarbyte.de>
The new control interface command TEST_ALLOC_FAIL and GET_ALLOC_FAIL can
now be used to trigger memory allocation failures for testing purposes.
TEST_ALLOC_FAIL sets a failure conditions with
<count>:func[;func][;func]... string and GET_ALLOC_FAIL returns the
current state using the same format. Whenever an allocation is made with
a matching backtrace of calling functions, the count is decremented by
one and once zero is reached, the allocation is forced to fail.
Function names can be prefixed with either '=' or '?' to get different
matching behavior. '=' requires this specific function to be the next
one in the backtrace (i.e., do not skip any other functions in the list
which is the default behavior). '?' allows the function to be optionally
present in the backtrace.
Signed-off-by: Jouni Malinen <j@w1.fi>
With CONFIG_WPA_TRACE_BFD, the type cast from void* to integer was
generating a compiler warning due to the target integer being larger in
size in case of 32-bit builds. Type case to bfd_hostptr_t instead of
directly to bfd_vma to avoid this.
Signed-off-by: Jouni Malinen <j@w1.fi>
The socket reference tracking entries need to be restored in case
os_realloc_array() fails when adding a new eloop socket.
Signed-off-by: Jouni Malinen <j@w1.fi>
If hostapd will use stdout for debugging, set stdout to be line
buffered in case its output is redirected to a file. This allows
incremental output to be viewed immediately instead of at the file
buffering interval.
Signed-hostap: Paul Stewart <pstew@chromium.org>
This converts most of the remaining perror() and printf() calls from
hostapd and wpa_supplicant to use wpa_printf().
Signed-off-by: Jouni Malinen <j@w1.fi>
This was used only for the VHT capability checks for determining bit
offset for right shift. That was replaced with a constant defines since
there is no need to calculate this at runtime.
Signed-off-by: Jouni Malinen <j@w1.fi>
Shift right on unsigned char limits the value to 0..63 which is within
bounds for base64_table[]. Anyway, some static analyzers do not seem to
understand that. See if an otherwise unnecessary masking gets rid of
false warnings. (CID 62858)
Signed-off-by: Jouni Malinen <j@w1.fi>
Shift right on unsigned char limits the value to 0..63 which is within
bounds for base64_table[]. Anyway, some static analyzers do not seem to
understand that. See if an otherwise unnecessary masking gets rid of
false warnings. (CID 62858)
Signed-off-by: Jouni Malinen <j@w1.fi>
Use a separate pointer and length field instead of trying to copy from a
struct field that has only part of the full buffer available.
(CID 68115)
Signed-off-by: Jouni Malinen <j@w1.fi>
_next_ns_data could look like it would be used uninitialized in
ieee80211_radiotap_iterator_next() to static analyzers. Avoid
unnecessary reports by explicitly initializing all variables in struct
ieee80211_radiotap_iterator. (CID 62878)
Signed-off-by: Jouni Malinen <j@w1.fi>
This makes it easier for static analyzer to confirm that the length
field bounds are checked. WPA_GET_BE16() is also used instead of
explicit byte-swapping operations in this file. (CID 68129)
Signed-off-by: Jouni Malinen <j@w1.fi>
This provides a simpler version of snprintf that doesn't require further
error checks.
Signed-off-by: Moshe Benji <moshe.benji@intel.com>
Signed-off-by: Eliad Peller <eliad@wizery.com>
This allows the URL to be passed as a single argument to the program
instead of getting split into multiple by os_exec(). This makes the
operation more robust for cases where the URL could have been received
from an external source and could potentially add extra arguments to the
command line.
In addition, fix the /system/bin/input execution by using system() for
it instead of execv() through os_exec(). /system/bin/input is a script
that execv() won't be able to run. Since the full command line is
specified, system() can be used for this. The keycode is also changed
from 3 to KEYCODE_HOME to make this work with current Android version.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This allows the URL to be passed as a single argument to the program
instead of getting split into multiple by os_exec(). This makes the
operation more robust for cases where the URL could have been received
from an external source and could potentially add extra arguments to the
command line.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This allows the URL to be passed as a single argument to the program
instead of getting split into multiple by os_exec(). This makes the
operation more robust for cases where the URL could have been received
from an external source and could potentially add extra arguments to the
command line.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This change adds a cast to void to indicate that the path parameter is
unused when CONFIG_DEBUG_FILE is not defined. This fixes a compiler
warning about unused parameters.
Signed-off-by: Toby Gray <toby.gray@realvnc.com>
Use os_exec() to run the external browser to avoid undesired command
line processing for control interface event strings. Previously, it
could have been possible for some of the event strings to include
unsanitized data which is not suitable for system() use.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Use os_exec() to run the external browser to avoid undesired command
line processing for control interface event strings. Previously, it
could have been possible for some of the event strings to include
unsanitized data which is not suitable for system() use.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Use os_exec() to run the external browser to avoid undesired command
line processing for control interface event strings. Previously, it
could have been possible for some of the event strings to include
unsanitized data which is not suitable for system() use.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
random_mac_addr_keep_oui() is similar to random_mac_addr(), but it
maintains the OUI part of the source address.
Signed-off-by: Jouni Malinen <j@w1.fi>
'\e' representing ESC (0x1b) is not C standard, it's an GNU extension.
https://gcc.gnu.org/onlinedocs/gcc/Character-Escapes.html#Character-Escapes
Since the code also compiles on Windows with Microsoft compiler, we
should use '\033' instead.
Note: I didn't try to build the whole wpa_supplicant on Windows, so I
don't know if it still builds (I have no Visual Studio 2005 for a quick
test). I just needed the string conversion routines for the P"" syntax
in both directions.
Signed-off-by: Bernhard Walle <bernhard@bwalle.de>
Due to a missing curly brackets, the OCSP status checking was not
working in the expected way. Instead of allowing optional-OCSP
configuration to accept connection when OCSP response was ready, all
such cases were marked as hard failures. In addition, the debug prints
were not necessarily accurate for the mandatory-OCSP-but-no-response
case (CID 72694, CID 72704).
Signed-off-by: Jouni Malinen <j@w1.fi>
This is similar to wpa_msg_global() in the same way as wpa_msg_ctrl() is
to wpa_msg(). In other words, wpa_msg_global_ctrl() is used to send
global control interface events without printing them into the debug
log.
Signed-off-by: Jouni Malinen <j@w1.fi>
Use an explicit memset call to clear any hs20-osu-client configuration
parameter that contains private information like keys or identity. This
brings in an additional layer of protection by reducing the length of
time this type of private data is kept in memory.
Signed-off-by: Jouni Malinen <j@w1.fi>
Use an explicit memset call to clear any wpa_supplicant configuration
parameter that contains private information like keys or identity. This
brings in an additional layer of protection by reducing the length of
time this type of private data is kept in memory.
Signed-off-by: Jouni Malinen <j@w1.fi>
This function is meant for comparing passwords or hash values where
difference in execution time could provide external observer information
about the location of the difference in the memory buffers. The return
value does not behave like os_memcmp(), i.e., os_memcmp_const() cannot
be used to sort items into a defined order. Unlike os_memcmp(),
execution time of os_memcmp_const() does not depend on the contents of
the compared memory buffers, but only on the total compared length.
Signed-off-by: Jouni Malinen <j@w1.fi>
The off-by-one error in printf_encode() bounds checking could have
allowed buffer overflow with 0x00 being written to the memory position
following the last octet of the target buffer. Since this output is used
as \0-terminated string, the following operation would likely read past
the buffer as well. Either of these operations can result in the process
dying either due to buffer overflow protection or by a read from
unallowed address.
This has been seen to cause wpa_supplicant crash on OpenBSD when control
interface client attaches (debug print shows the client socket address).
Similarly, it may be possible to trigger the issue in RADIUS/EAP server
implementation within hostapd with a suitable constructed user name.
Signed-off-by: Stuart Henderson <sthen@openbsd.org>
This patch adds epoll option for the eloop implementation. This can be
selected with the CONFIG_ELOOP_EPOLL=y build option.
[merit]
See Table1.
Table1. comparison table
+--------+--------+-----------+------------+-------------+
| | add fd | remove fd | prepare fd | dispatch fd |
+--------+--------+-----------+------------+-------------+
| select | O(1) | O(1) | O(N) | O(N) |
+--------+--------+-----------+------------+-------------+
| poll | O(1) | O(1) | O(N) | O(N) |
+--------+--------+-----------+------------+-------------+
| epoll | O(1) | O(1) | 0 | O(M) |
+--------+--------+-----------+------------+-------------+
"add fd" is addition of fd by eloop_sock_table_add_sock().
"remove fd" is removal of fd by eloop_sock_table_remove_sock().
"prepare fd" is preparation of fds before wait in eloop_run().
"dispatch fd" is dispatchment of fds by eloop_sock_table_dispatch().
"N" is all watching fds.
"M" is fds which could be dispatched after waiting.
As shown in Table1, epoll option has better performance on "prepare fd" column.
Because select/poll option requires setting fds before every select()/poll().
But epoll_wait() doesn't need it.
And epoll option has also better performance on "dispatch fd" column.
Because select/poll option needs to check all registered fds to find out
dispatchable fds. But epoll option doesn't require checking all registered fds.
Because epoll_wait() returns dispatchable fd set.
So epoll option is effective for GO/AP functionality.
[demerit]
The epoll option requires additional heap memory. In case of P2P GO, it is
about 8K bytes.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
scard_gsm_auth() used SIM_CMD_GET_RESPONSE for both SIM and USIM. Convert
the command into USIM_CMD_GET_RESPONSE for USIM.
Since commit eb32460029 ("Fix switching from EAP-SIM to EAP-AKA/AKA'")
EAP-SIM is using the USIM if available. This triggers a probably ancient
bug in scard_gsm_auth(), which results in sending the wrong get response
command to the USIM. Thus, EAP-SIM stopped to work after this change on
USIMs that expect the proper command.
Signed-off-by: Simon Baatz <gmbnomis@gmail.com>
It looks like the demangle.h from binutils-dev is not installed that
commonly anymore. Since we need only two defines from that file, replace
the header file with those defines to make it easier to build with
WPA_TRACE_BFD=y.
Signed-off-by: Jouni Malinen <j@w1.fi>
These functions are not standard and do not exist in all systems, e.g.,
variants of Android. Instead use the macros defined in common.h.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Update the radiotap parser to the latest version of the
http://git.sipsolutions.net/radiotap.git/ library to get
parsing for vendor namespaces.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
wpa_supplicant and wpa_cli had already moved to allowing up to 4096 byte
buffer size to be used for control interface commands. This was limited
by the line edit buffer in interactive mode. Increase that limit to
match the other buffers to avoid artificially truncating long commands.
Signed-off-by: Jouni Malinen <j@w1.fi>
Do not truncate CURLINFO entries on first linefeed to get full IN/OUT
headers and data into debug log. Use wpa_hexdump_ascii() if any
non-displayable characters are included. Remove the separate header/data
debug dumps since all that information is now available from the debug
callback.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This hs20-osu-client client command can be used to parse a DER encoded
X.509v3 certificate with the logotype extensions and
id-wfa-hotspot-friendlyName values shown in detail.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
bfd_demangle() call could be skipped if data.function == NULL. Make sure
the already freed aname pointer cannot be used again in such a case.
Signed-off-by: Jouni Malinen <j@w1.fi>
Commit e2f5a9889a was supposed to prevent
new scan request from pushing out the old one. However, it did not
really do that since eloop_deplete_timeout() returned 0 both for the
case where the old timeout existed (and was sooner) and if the old
timeout did not exist. It returned 1 only for the case where an old
timeout did exist and was larger than the new requested value. That case
used to result in wpa_supplicant_req_scan() rescheduling the timeout,
but hew code in eloop_deplete_timeout() did the exact same thing and as
such, did not really change anything apart from the debug log message.
Extend the eloop_deplete_timeout() (and eloop_replenish_timeout() for
that matter since it is very similar) to return three different values
based on whether the timeout existed or not and if yes, whether it was
modified. This allows wpa_supplicant_req_scan() to schedule a new
timeout only in the case there was no old timeout.
Signed-hostap: Jouni Malinen <j@w1.fi>
These were somewhat more hidden to avoid direct use, but there are now
numerous places where these are needed and more justification to make
the extern int declarations available from wpa_debug.h. In addition,
this avoids some warnings from sparse.
Signed-hostap: Jouni Malinen <j@w1.fi>
This can be used to silence compiler warnings in cases where #ifdef
blocks can leave some variables or functions unused and there is no
cleaner way of avoiding the warnings.
Signed-hostap: Jouni Malinen <j@w1.fi>
Just the usual, with a new function os_reltime_initialized()
thrown in that checks whether time has ever been retrieved
(time can't be completely zero).
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
This helper functions checks whether a given entry has expired,
given the last active timestamp, the current time, and a timeout.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Relative time shouldn't be calculated based on gettimeofday
because that clock can jump (e.g., when the time is adjusted
by the system administrator.)
On systems where that is available, use CLOCK_BOOTTIME (on
fairly recent Linux systems, this clock takes into account
the time spend suspended) or CLOCK_MONOTONIC (on Linux and
some POSIX systems, this clock is just freely running with
no adjustments.)
Reported-by: Holger Schurig <holgerschurig@gmail.com>
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
This allows wlantest debug log output to be directed to a file so that
RELOG command can be used to rotate files more easily than stdout.
Signed-hostap: Jouni Malinen <j@w1.fi>
This was supposed to be a minimal sample of eloop wrapper, but it is
unclear whether this is of that much use and the file has not been kept
up-to-date. Remove this file to reduce maintenance effort. The other
eloop*.c files can be used as a starting point if something new is
needed.
Signed-hostap: Jouni Malinen <j@w1.fi>
Commit eb32460029 left an unneeded
sim_type argument to scard_init(). Remove that unnecessary argument to
clean up the implementation.
Signed-hostap: Masashi Honma <masashi.honma@gmail.com>
eloop_replenish_timeout() finds a registered matching
<handler,eloop_data,user_data> timeout. If found, replenishes
the timeout if remaining time is less than the requested time.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
os_strlpcy() should be used instead of os_strncpy() to guarantee null
termination. Since there are no remaining strncpy uses, remove
os_strncpy() definition.
Signed-hostap: Jouni Malinen <j@w1.fi>
printf_decode() fills in a binary buffer and returns the length of
the written data. This did not use null termination since initial
use cases used the output as a binary value. However, Hotspot 2.0
cred block values are also using this for parsing strings. Those
cases could end up without proper null termination depending on what
os_malloc() ends up getting as the memory buffer. Fix these and make
printf_decode() more convenient by forcing the output buffer to be
null terminated.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Compiling hostapd with VHT enabled on a big endian machine resulted in
an undefined symbol error. Fix this by defining the missing macro.
Signed-hostap: Michal Kazior <michal.kazior@tieto.com>
Commit 3962b65858 removed the Xcode
project files, but missed the defines in build_config.h. Remove these
since there are no users for them in the current snapshot.
Signed-hostap: Jouni Malinen <j@w1.fi>
These events are sent as a special case to both the group interface and
"parent interface" (i.e., the interface that was used for managing P2P
negotiation). The latter is not really correct event, so get rid of it
with the new global control interface design where there is no need to
support legacy upper layer implementations.
Signed-hostap: Jouni Malinen <j@w1.fi>
This function can be used instead of wpa_msg() and wpa_msg_ctrl() to
indicate that an event is not specific to a network interface.
Signed-hostap: Jouni Malinen <j@w1.fi>
The HIST_ENTRY and its variables are allocated within libreadline, so
they won't have the WPA_TRACE special header and cannot be freed with
os_free(). Use free() to avoid issues during wpa_cli termination if any
of the new commands added to the history are to be removed (e.g.,
set_network could include a password).
Signed-hostap: Jouni Malinen <j@w1.fi>
DFS implementation requires to run an eventloop while monitoring
the Channel Availability Check (CAC). After that, the "real" event
loop is started, and should not fail doing so.
Signed-hostap: Simon Wunderlich <siwu@hrz.tu-chemnitz.de>
currbuf_valid needs to be cleared when an old command from history is
processed to avoid leaving a bogus entry that makes history_prev() skip
the last entry in history.
Signed-hostap: Jouni Malinen <j@w1.fi>
There are quite a few places in the current implementation where a nul
terminated string is generated from binary data. Add a helper function
to simplify the code a bit.
Signed-hostap: Jouni Malinen <j@w1.fi>
This option can be used only for global parameters that are not going
to be changed from settings.
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
Signed-off-by: Iliyan Malchev <malchev@google.com>
ANDROID_SETGROUPS_OVERRIDE macro can now be used to override setgroups()
values based on build configuration.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
These verify that a proper pointer type is used and in addition, seems
to get rid of some false static analyzer warnings.
Signed-hostap: Jouni Malinen <j@w1.fi>
Use an explicit pointer to the beginning of the buffer and a flag
to indicate whether that is to external data or not. This avoids
a branch whenever accessing the buffer and helps some static
analyzers to understand the wpabuf memory uses better.
Signed-hostap: Jouni Malinen <j@w1.fi>
This function can be used as a wrapper for os_realloc(ptr, nmemb * size)
when a reallocation is used for an array. The main benefit over
os_realloc() is in having an extra check to catch integer overflows in
multiplication. This is similar to the os_zalloc() to os_calloc() move.
Signed-hostap: Jouni Malinen <j@w1.fi>
This function can be used as a wrapper for os_zalloc(nmemb * size) when
an allocation is used for an array. The main benefit over os_zalloc() is
in having an extra check to catch integer overflows in multiplication.
Signed-hostap: Jouni Malinen <j@w1.fi>
The new ssid2 parameter can be used as an alternative mechanism for
configuring SSID for hostapd. It uses the same formats that
wpa_supplicant uses in the configuration file for strings.
Signed-hostap: Jouni Malinen <j@w1.fi>
Instead of masking out non-ASCII characters with underscores, espace the
SSID data using rules compatible with printf.
Signed-hostap: Jouni Malinen <j@w1.fi>
This can be used to build ASCII strings from binary data that is
more likely to use ASCII (i.e., text format is more natural
option than hexdump, but there is possibility of some non-ASCII
characters).
Signed-hostap: Jouni Malinen <j@w1.fi>
This new mechanism can be used to make wpa_supplicant using external
storage (e.g., key store in the operating system) for passwords,
passphrases, and PSKs. This commit is only adding the framework part
needed to support this, i.e., no actual configuration parameter can
yet use this new mechanism. In addition, only a simple test backend
is added to allow developer testing of the functionality.
Signed-hostap: Jouni Malinen <j@w1.fi>
Without this, we can get into a tight loop because the
code in general doesn't add eloop exception handlers,
so socket reporting the POLLERR would never be read.
With this change, any socket with POLLERR or POLLHUP
asserted will be handled by the read logic.
Signed-hostap: Ben Greear <greearb@candelatech.com>
This was never really completed and is of not much use at this point,
so clean up the repository by removing the Symbian-specific changes.
Signed-hostap: Jouni Malinen <j@w1.fi>
Add the option (-T) to wpa_supplicant to log all debug messages into the
kernel tracing, allowing to aggregate kernel debugging with
wpa_supplicant debugging and recording all with trace-cmd.
Since tracing has relatively low overhead and can be filtered
afterwards, record all messages regardless of log level. However, it
will honor the -K option and not record key material by default.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
This DO has a maximum length of 127 bytes (TS 102 221), so better use
large enough buffer when reading the record.
Signed-hostap: Jouni Malinen <j@w1.fi>
New global configuration parameters pcsc_reader and pcsc_pin can now be
used to initialize PC/SC reader context at start of wpa_supplicant.
Signed-hostap: Jouni Malinen <j@w1.fi>
eloop_sock_table_add_sock() needs to fail if pollfd array allocation
fails instead of returning success and leaving behind no buffer.
Signed-hostap: Jouni Malinen <j@w1.fi>
When using more than around 200 virtual stations, we start hitting the
max number of file descriptors supported by select(). This patch adds
support for poll(), which has no hard upper limit.
Signed-hostap: Ben Greear <greearb@candelatech.com>