VLAN: Avoid access to non-existing interfaces

Currently, hostapd_get_vlan_id_ifname() is used to determine if a given
vlan is valid *and* to actually determine the interface. This leads to
wpa_set_keys() sometimes setting the key on the wildcard interface name,
which does not make sense.

This patch therefore adds hostapd_vlan_id_valid() and makes
hostapd_get_vlan_id_ifname() not return a wildcard interface.

Signed-hostap: Michael Braun <michael-dev@fami-braun.de>
This commit is contained in:
Michael Braun 2013-06-25 12:03:02 +03:00 committed by Jouni Malinen
parent 4345fe963e
commit 80ebfd9527
4 changed files with 16 additions and 5 deletions

View File

@ -606,11 +606,23 @@ int hostapd_rate_found(int *list, int rate)
} }
const char * hostapd_get_vlan_id_ifname(struct hostapd_vlan *vlan, int vlan_id) int hostapd_vlan_id_valid(struct hostapd_vlan *vlan, int vlan_id)
{ {
struct hostapd_vlan *v = vlan; struct hostapd_vlan *v = vlan;
while (v) { while (v) {
if (v->vlan_id == vlan_id || v->vlan_id == VLAN_ID_WILDCARD) if (v->vlan_id == vlan_id || v->vlan_id == VLAN_ID_WILDCARD)
return 1;
v = v->next;
}
return 0;
}
const char * hostapd_get_vlan_id_ifname(struct hostapd_vlan *vlan, int vlan_id)
{
struct hostapd_vlan *v = vlan;
while (v) {
if (v->vlan_id == vlan_id)
return v->ifname; return v->ifname;
v = v->next; v = v->next;
} }

View File

@ -547,6 +547,7 @@ int hostapd_wep_key_cmp(struct hostapd_wep_keys *a,
const u8 * hostapd_get_psk(const struct hostapd_bss_config *conf, const u8 * hostapd_get_psk(const struct hostapd_bss_config *conf,
const u8 *addr, const u8 *prev_psk); const u8 *addr, const u8 *prev_psk);
int hostapd_setup_wpa_psk(struct hostapd_bss_config *conf); int hostapd_setup_wpa_psk(struct hostapd_bss_config *conf);
int hostapd_vlan_id_valid(struct hostapd_vlan *vlan, int vlan_id);
const char * hostapd_get_vlan_id_ifname(struct hostapd_vlan *vlan, const char * hostapd_get_vlan_id_ifname(struct hostapd_vlan *vlan,
int vlan_id); int vlan_id);
struct hostapd_radius_attr * struct hostapd_radius_attr *

View File

@ -650,8 +650,7 @@ static void handle_auth(struct hostapd_data *hapd,
} }
if (vlan_id > 0) { if (vlan_id > 0) {
if (hostapd_get_vlan_id_ifname(hapd->conf->vlan, if (!hostapd_vlan_id_valid(hapd->conf->vlan, vlan_id)) {
vlan_id) == NULL) {
hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_RADIUS, hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_RADIUS,
HOSTAPD_LEVEL_INFO, "Invalid VLAN ID " HOSTAPD_LEVEL_INFO, "Invalid VLAN ID "
"%d received from RADIUS server", "%d received from RADIUS server",

View File

@ -1438,8 +1438,7 @@ ieee802_1x_receive_auth(struct radius_msg *msg, struct radius_msg *req,
sta->vlan_id = radius_msg_get_vlanid(msg); sta->vlan_id = radius_msg_get_vlanid(msg);
} }
if (sta->vlan_id > 0 && if (sta->vlan_id > 0 &&
hostapd_get_vlan_id_ifname(hapd->conf->vlan, hostapd_vlan_id_valid(hapd->conf->vlan, sta->vlan_id)) {
sta->vlan_id)) {
hostapd_logger(hapd, sta->addr, hostapd_logger(hapd, sta->addr,
HOSTAPD_MODULE_RADIUS, HOSTAPD_MODULE_RADIUS,
HOSTAPD_LEVEL_INFO, HOSTAPD_LEVEL_INFO,