Commit graph

341 commits

Author SHA1 Message Date
Jouni Malinen
82ffcba755 Move extern declarations for ext_password backends into a header file
This gets rid of a sparse warning and also allows the compatibility of
the declarations to be verified (a missing const declaration is fixed
here as well).

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-24 19:02:58 +03:00
Jouni Malinen
50a17a76e1 tests: Declare module test functions in a header file
This gets rid of number of warnings from sparse.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-23 18:26:09 +03:00
Jouni Malinen
fad6485c56 radiotap: Silence sparse warnings about byte order swapping
These little endian fields were not marked properly and the type case in
the get_unaligned_* helper macros were causing warnings from sparse.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-23 18:08:11 +03:00
Jouni Malinen
0e672b89e7 trace: Define externs in a header file
This gets rid of some unnecessary strace warnings from test builds.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-23 13:28:54 +03:00
Jouni Malinen
6527b52ead Undefine __bitwise before defining it for sparse
This gets rid of a compiler warning due to a bit different construction
in linux/types.h.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-23 13:23:46 +03:00
Cedric Izoard
04c18fa04b curl: Don't free memory for subjectAltName before calling callback
Freeing memory for subjectAltName in parse_cert(), will give cert_cb
pointers to freed memory zone that may already been overwritten. Memory
for subjectAltName is released in parse_cert_free().

Signed-off-by: Cedric Izoard <cedric.izoard@ceva-dsp.com>
2016-06-19 22:11:36 +03:00
SiWon Kang
7a1887faec wpa_cli: Add backspace key process for some terminal
In some terminal, verified with gtkterm and teraterm, backspace key is
not properly processed. For instance, type 'abc', 3 times of backspace
key press then '123' shows the result of 'abc123' instead of '123'. To
fix this, add a routine to process '\b' character input when using
edit_simple.c instead of edit.c (i.e., without CONFIG_WPA_CLI_EDIT=y).

Signed-off-by: Siwon Kang <kkangshawn@gmail.com>
2016-05-13 18:48:45 +03:00
Paul Stewart
0fe5a23424 Remove newlines from wpa_supplicant config network output
Spurious newlines output while writing the config file can corrupt the
wpa_supplicant configuration. Avoid writing these for the network block
parameters. This is a generic filter that cover cases that may not have
been explicitly addressed with a more specific commit to avoid control
characters in the psk parameter.

Signed-off-by: Paul Stewart <pstew@google.com>
2016-05-02 11:08:25 +03:00
Jouni Malinen
ecbb0b3dc1 WPS: Reject a Credential with invalid passphrase
WPA/WPA2-Personal passphrase is not allowed to include control
characters. Reject a Credential received from a WPS Registrar both as
STA (Credential) and AP (AP Settings) if the credential is for WPAPSK or
WPA2PSK authentication type and includes an invalid passphrase.

This fixes an issue where hostapd or wpa_supplicant could have updated
the configuration file PSK/passphrase parameter with arbitrary data from
an external device (Registrar) that may not be fully trusted. Should
such data include a newline character, the resulting configuration file
could become invalid and fail to be parsed.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-05-02 11:08:25 +03:00
David Spinadel
624b8a061f utils: Add ssid_parse() function
Add a function that parses SSID in text or hex format. In case of the
text format, the SSID is enclosed in double quotes. In case of the hex
format, the SSID must include only hex digits and not be enclosed in
double quotes. The input string may include other arguments after the
SSID.

Signed-off-by: David Spinadel <david.spinadel@intel.com>
2016-04-16 21:05:37 +03:00
David Spinadel
9d955f751e utils: Rename hostapd_parse_bin to wpabuf_parse_bin and move it
Make the function available as part of the wpabuf API.
Use this renamed function where possible.

Signed-off-by: David Spinadel <david.spinadel@intel.com>
2016-04-09 11:23:36 +03:00
Jouni Malinen
6d07e76020 wlantest: Use local ETH_P_IP define instead of linux/if_ether.h
There is no strong need for pulling in linux/if_ether.h here since all
that is needed if ETH_P_IP and we already cover multiple other ETH_P_*
values in utils/common.h.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-03-26 11:35:30 +02:00
Jouni Malinen
64ce5905f8 libxml2: Check for xmlDocDumpFormatMemory() error case
Since this function needs to allocate memory, it might fail. Check that
the returned memory pointer is not NULL before trying to parse the
output.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-03-16 21:49:28 +02:00
Eliad Peller
4a6e9e5599 Fix CONFIG_WPA_TRACE=y compilation without CONFIG_WPA_TRACE_BFD=y
syms is defined only for WPA_TRACE_BFD:

../src/utils/trace.c: In function ‘wpa_trace_deinit’:
../src/utils/trace.c:372:7: error: ‘syms’ undeclared (first use in this function)
  free(syms);
       ^
../src/utils/trace.c:372:7: note: each undeclared identifier is reported only once for each function it appears in
make: *** [../src/utils/trace.o] Error 1
make: *** Waiting for unfinished jobs....

Add appropriate #ifdef.

Signed-off-by: Eliad Peller <eliad@wizery.com>
2016-03-03 16:23:23 +02:00
Roy Marples
e21cecaf54 kqueue: Use 0 instead of NULL for udata
Use 0 for udata instead of NULL for portability.
NetBSD uses uintptr_t, others a pointer.

Signed-off-by: Roy Marples <roy@marples.name>
2016-02-18 17:40:12 +02:00
Roy Marples
640b0b933a ctype functions require an unsigned char
Ensure that characters are represented as unsigned char when using
isblank() and isspace(). These function take in a "int c" argument, but
it needs to be unsigned for the cases where EOF is not indicated.

Signed-off-by: Roy Marples <roy@marples.name>
2016-02-18 17:39:00 +02:00
Jouni Malinen
6136d43b8e trace: Free symbols on program exit
This makes valgrind memleak checks with CONFIG_WPA_TRACE=y somewhat
cleaner.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-02-16 14:10:29 +02:00
Jouni Malinen
d9a0f69747 OpenSSL: Fix memory leak in OCSP parsing
The result from OCSP_cert_to_id() needs to be freed.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-02-16 00:40:41 +02:00
Jouni Malinen
e60913b600 curl: Fix memory leak in subjectAltName parsing
The parsed data from X509_get_ext_d2i() needs to be freed.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-02-16 00:33:27 +02:00
Jouni Malinen
9e1f1bdb6f eloop: Clean up coding style for eloop debug prints
Signed-off-by: Jouni Malinen <j@w1.fi>
2016-02-07 18:09:21 +02:00
Roy Marples
f9982b3212 Implement kqueue(2) support via CONFIG_ELOOP_KQUEUE
NOTE: kqueue has to be closed and re-build after forking. epoll *should*
do the same, but it seems that wpa_supplicant doesn't need it at least.

I have re-worked a little bit of the epoll code (moved into a similar
kqueue function) so it's trivial to requeue epoll if needed in the
future.

Signed-off-by: Roy Marples <roy@marples.name>
2016-02-07 18:09:19 +02:00
Roy Marples
2e69bdd16a eloop: Add eloop_sock_requeue()
This function can be used to re-build eloop socket tables after forking
for eloop implementations that need this.

Signed-off-by: Roy Marples <roy@marples.name>
2016-02-07 12:38:04 +02:00
Roshan Pius
0ae86f9043 wpa_supplicant: Fix couple of C++ compiler errors with header files
Need to include these headers in C++ files for adding a binder interface
to wpa_supplicant. So, fix the following C++ compiler errors in them:
1. Add explicit C-style casts in wpa_buf.h header.
2. Move the nested definition of wpa_driver_scan_ssid in driver.h
outside of wpa_driver_scan_params because it is used in another
structure below.

Signed-off-by: Roshan Pius <rpius@google.com>
2016-02-06 15:26:48 +02:00
Jouni Malinen
2088ecb970 OSU: Add debug printing of more LogotypeExtn fields
Couple of the image info fields were not printed previously in debug
log. Add those to make this more complete.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-02-05 00:24:49 +02:00
Ayala Beker
819ad5b70b utils: Fix NULL pointer dereference with unexpected kernel behavior
Fix mostly theoretical NULL pointer dereference in
wpa_debug_open_linux_tracing() if /proc/mounts were to return a
malformed line.

Signed-off-by: Ayala Beker <ayala.beker@intel.com>
2015-12-18 00:24:52 +02:00
Jouni Malinen
8d27efa814 HTTP (curl): OCSP with BoringSSL
This adds experimental support for using OCSP with libcurl that is built
against BoringSSL. This needs small modifications to libcurl to allow
CURLOPT_SSL_VERIFYSTATUS to be used to call
SSL_enable_ocsp_stapling(connssl->handle) in ossl_connect_step1().

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-12-04 20:08:31 +02:00
Somdas Bandyopadhyay
83702b6088 Android: Give user the option for selecting browser for HS 2.0 OSU
When built with browser-android.c, hs20-osu-client used to always launch
the native/stock Android browser for OSU user interaction. This browser
is not present in all devices. It is better to give the option to the
user to select his/her browser.

Here the user will be shown a pop up to select the browser that he/she
wants.

Signed-off-by: Somdas Bandyopadhyay <somdas.bandyopadhyay@intel.com>
2015-11-22 21:06:17 +02:00
Jouni Malinen
d8fd633ebb Do not write ERROR level log entries if debug file is not used
wpa_debug_reopen_file() used to write an error message at MSG_ERROR
level if it was called with last_path == NULL (the last debug log file
path not known). This is not a fatal error, but a normal case if
wpa_debug_open_file() has not been used. Remove the error message and
return success in such case.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-25 20:45:02 +02:00
Jouni Malinen
40762fcede PCSC: Avoid undefined behavior in pointer arithmetic
Reorder terms in a way that no invalid pointers are generated with
pos+len operations. end-pos is always defined (with a valid pos pointer)
while pos+len could end up pointing beyond the end pointer which would
be undefined behavior.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-25 15:35:00 +02:00
Rui Paulo
22e8df3a98 Portability fixes for FreeBSD - os_fdatasync()
Use fsync() when fdatasync() and F_FULLSYNC isn't available.

Signed-off-by: Rui Paulo <rpaulo@freebsd.org>
2015-10-15 16:14:30 +03:00
Josh Lehan
1d61a8efee Escape DEL char (ASCII 127 decimal) in SSIDs
While testing, I noticed that printf_encode() makes control characters
human-readable, with one exemption, the DEL character (ASCII 127).
Assuming this exemption was unintentional, make it appear as an escaped
\x7f instead of a literal DEL character in the output.

Signed-off-by: Josh Lehan <krellan@krellan.net>
2015-10-14 19:28:57 +03:00
Jouni Malinen
cc2994024d HTTP (curl): Fix compilation with BoringSSL
Define the sk_*_{num,value}() macros in BoringSSL style if BoringSSL is
used instead of OpenSSL.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-10-10 00:06:14 +03:00
Alan T. DeKok
b0c70f37b7 Portability fixes for OS X
Fix os_get_reltime() and os_fdatasync() for OS X.

Signed-off-by: Alan DeKok <aland@freeradius.org>
2015-09-25 19:30:09 +03:00
Mitchell Wills
a218e1ded4 Make sure configuration is saved to storage device
Config file is written to a temp file and then it is renamed to the
original config file. However, it is possible that the rename operation
will be commited to storage while file data will be still in cache
causing original config file to be empty or partially written in case of
a system reboot without a clean shutdown. Make this less likely to occur
by forcing the data to be written to the storage device before renaming
the file.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2015-08-27 18:06:05 +03:00
Kanchanapally, Vidyullatha
ac8757cc35 Android: Use more flexible userid when launching browser popup
It was possible for the Hotspot 2.0 case of OSU user interaction to fail
with wpadebug browser due to permission denial in the "start" command
("java.lang.SecurityException: Permission Denial: startActivity asks to
run as user -2 but is calling from user 0; this requires
android.permission.INTERACT_ACROSS_USERS_FULL"). Avoid this by using
more flexible USER_CURRENT_OR_SELF (-3) value with the --user argument.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-08-13 21:14:01 +03:00
Jouni Malinen
ab62f96f55 Move debug level string conversion functions to wpa_debug.c
This makes it possible to use these helper functions from hostapd as
well as the current use in wpa_supplicant.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-08-03 17:44:55 +03:00
Max Stepanov
add5975751 utils: Add cstr_token() function
Add an auxiliary cstr_token() function to get a token from a const char
string. The function usage syntax is similar to str_token(), but unlike
str_token() the function doesn't modify the buffer of the string. Change
str_token() function implementation to use cstr_token().

Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
Reviewed-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>
2015-07-27 00:47:19 +03:00
Jouni Malinen
7c524a64c1 eloop: Fix cases where a socket is reopened from a timeout/signal handler
It was possible for a registered eloop socket handler to be unregistered
and re-registered for a re-opened socket with the same fd from a timeout
or signal handler. If such a case happened with the old socket having a
pending event waiting for processing, some eloop combinations could end
up calling the new handler function with the new socket and get stuck
waiting for an event that has not yet happened on the new socket. This
happened with timeout and signal handlers with all eloop.c types. In
addition to that, the epoll case could also trigger this when a socket
handler re-registered a re-opened socket.

Fix these by checking whether there has been socket handler changes
during processing and break the processing round by going back to
select/poll/epoll for an updated result if any changes are done during
the eloop handler calls before processing the old socket results.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-07-23 18:39:35 +03:00
Jouni Malinen
569f8f9b87 tests: eloop socket re-open from timeout/socket handler
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-07-23 18:39:02 +03:00
Jouni Malinen
acbd59d0a8 eloop: Try to terminate more quickly on SIGINT and SIGTERM
It was possible for the SIGINT/SIGTERM signal to be received while
processing a pending timeout/socket/signal event and then get stuck in
the following select() call before processing the signal event. If no
other events show up within the two second SIGALRM trigger, process will
be terminated forcefully even though there would have been possibility
to do clean termination assuming no operationg blocked for that two
second time.

Handle this more cleanly by checking for eloop.pending_terminate before
starting the select()/poll()/epoll_wait() wait for the following event.
Terminate the loop if pending signal handling requests termination.

In addition, make eloop_terminated() return 1 on eloop.pending_terminate
in addition to eloop.terminate since the process will be terminated
shortly and there is no point in starting additional processing.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-07-22 17:05:46 +03:00
Jouni Malinen
3c48c9c08f tests: Additional module tests for src/utils
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-07-19 23:07:04 +03:00
Jouni Malinen
faf7ce5d4f Drop CONFIG_TI_COMPILER ifdefs
This experimental support for Texas Instruments C compiler was never
fully completed and it has not really been used in close to ten years,
so drop this to simply the header files.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-07-17 21:57:07 +03:00
Anton Nayshtut
36209df93a Add is_multicast_ether_addr()
This helper function can be used to check whether a MAC address is a
multicast (including broadcast) address.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-07-16 12:33:29 +03:00
Anton Nayshtut
ee1e3f57b5 hostapd: Global control interface notifications
This commit implements hostapd global control interface notifications
infrastructure. hostapd global control interface clients issue
ATTACH/DETACH commands to register and deregister with hostapd
correspondingly - the same way as for any other hostapd/wpa_supplicant
control interface.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-07-16 12:33:29 +03:00
Jouni Malinen
476a634d60 Avoid ubsan warning on 0x80<<24 not fitting in int in WPA_GET_BE32/LE32
Use a typecast to make this shift unsigned so that the MSB fits within
the range of allowed values.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-07-07 16:25:06 +03:00
Jouni Malinen
0f5fb8a467 radiotap: Avoid ubsan warning on 1<<31
Use the BIT() macro and unsigned int to avoid ubsan warning on 1<<31 not
fitting in an int.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-07-07 16:25:06 +03:00
Jouni Malinen
e01281fccc trace: Use explicit alignment requirements to avoid misalignment
64-bit builds with CONFIG_WPA_TRACE=y resulted in the wpabuf pointers
getting misaligned (only 32-bit aligned) and that would result in reads
and writes of unaligned size_t values. Avoid this by indicating explicit
alignment requirement for wpabuf_trace to 8 octets (i.e., there will be
extra four octets of padding in case of 64-bit builds).

Similarly, struct os_alloc_trace resulted in some potential misalignment
cases, e.g., when CONFIG_ACS=y uses a 'long double' variable within
struct hostapd_channel_data. Avoid misalignment issues with explicit
alignment indication.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-07-07 16:25:06 +03:00
Jouni Malinen
32d6463fe7 Make BIT() unsigned int instead of int
This is needed to avoid ubsan warnings on BIT(31).

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-07-07 16:25:06 +03:00
Jouni Malinen
bd47c80564 Include stddef.h to use the standard offsetof()
src/utils/list.h ended up defining a local version of offsetof() due to
stddef.h not getting included. This resulted in unnecessary warnings
from ubsan related to "dereferencing" of a NULL pointer.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-07-07 16:25:06 +03:00
Jouni Malinen
2da525651d Add backtrace-based error path testing mechanism
The new TEST_FAIL and GET_FAIL control interface commands can be used
similarly to the earlier TEST_ALLOC_FAIL/GET_ALLOC_FAIL design. The new
version is more generic framework allowing any function to be annotated
for failure testing with the TEST_FAIL() macro. This mechanism is only
available in builds with CONFIG_WPA_TRACE_BFD=y and
CONFIG_TESTING_OPTIONS=y. For other builds, the TEST_FAIL() macro is
defined to return 0 to allow the compiler to remove the test code from
normal production builds.

As the first test site, allow os_get_random() to be marked for failing
based on call backtrace.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-29 23:23:56 +03:00