Commit Graph

279 Commits

Author SHA1 Message Date
Jouni Malinen
58d405fcdb Fix OCSP debug messages
These were not supposed to include a newline at the end of the message
text since such formatting gets handled by tls_show_errors(). In
addition, change the message about the issuer's issuer to be more
accurate.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-02-19 13:33:33 +02:00
Subhani Shaik
bd7bb43784 HTTP: Fix OCSP error path
If addition of a peer issuer certificate fails, the certs pointer would
be NULL when being passed to sk_X509_push() for peer issuer's issuer.
Fix this by skipping addition of issuer's issue if issuer addition
fails.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-02-19 13:29:55 +02:00
Brian Gix
c3d6c71782 Add helper functions for escaping and unescaping UTF-8
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-02-02 14:09:18 +02:00
Jouni Malinen
6dbbef9603 Define host_to_le32() for Windows builds
This define had been forgotten at some point in time and wpa_supplicant
compilation for Windows failed with some recently added code that
depended on this.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-11 00:58:10 +02:00
Jouni Malinen
7d28e46a6c Fix os_win32 build
Addition of os_memcmp_const() in commit
afc3c8b07f had forgotten to include
common.h into os_win32.c to get u8 defined.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-11 00:58:10 +02:00
Jouni Malinen
8a42a076aa trace: Fix out-of-memory testing logic
data.function needs to be set for the return value to be of any use and
strcmp won't work with NULL pointer either. (CID 99907)

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-10 17:35:53 +02:00
Stefan Tomanek
79cd993a62 Add address masks to BSSID lists
In many applications it is useful not just to enumerate a group of well
known access points, but to use a address/mask notation to match an
entire set of addresses (ca:ff:ee:00:00:00/ff:ff:ff:00:00:00).

This change expands the data structures used by MAC lists to include a
mask indicating the significant (non-masked) portions of an address and
extends the list parser to recognize mask suffixes.

Signed-off-by: Stefan Tomanek <stefan.tomanek@wertarbyte.de>
2015-01-10 17:35:53 +02:00
Jouni Malinen
a156ffda61 Add support for testing memory allocation failures
The new control interface command TEST_ALLOC_FAIL and GET_ALLOC_FAIL can
now be used to trigger memory allocation failures for testing purposes.
TEST_ALLOC_FAIL sets a failure conditions with
<count>:func[;func][;func]... string and GET_ALLOC_FAIL returns the
current state using the same format. Whenever an allocation is made with
a matching backtrace of calling functions, the count is decremented by
one and once zero is reached, the allocation is forced to fail.

Function names can be prefixed with either '=' or '?' to get different
matching behavior. '=' requires this specific function to be the next
one in the backtrace (i.e., do not skip any other functions in the list
which is the default behavior). '?' allows the function to be optionally
present in the backtrace.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-07 13:19:43 +02:00
Jouni Malinen
3d2e2d5d63 trace: Fix compiler warning on 32-bit builds with bfd support
With CONFIG_WPA_TRACE_BFD, the type cast from void* to integer was
generating a compiler warning due to the target integer being larger in
size in case of 32-bit builds. Type case to bfd_hostptr_t instead of
directly to bfd_vma to avoid this.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-06 18:30:20 +02:00
Jouni Malinen
b9f6560f38 eloop: Fix WPA_TRACE tracking in case of realloc failure
The socket reference tracking entries need to be restored in case
os_realloc_array() fails when adding a new eloop socket.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-06 18:30:20 +02:00
Jouni Malinen
77c45e2b35 Add wpabuf_clear_free() to allow clearing of freed memory
This can be useful when a wpabuf is used to store private data that
should not be left in heap after use.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-05 18:02:04 +02:00
Paul Stewart
de27bc7673 hostapd: Set stdout line-buffered
If hostapd will use stdout for debugging, set stdout to be line
buffered in case its output is redirected to a file. This allows
incremental output to be viewed immediately instead of at the file
buffering interval.

Signed-hostap: Paul Stewart <pstew@chromium.org>
2014-12-29 15:49:05 +02:00
Jouni Malinen
a193231dfb Clean up debug prints to use wpa_printf()
This converts most of the remaining perror() and printf() calls from
hostapd and wpa_supplicant to use wpa_printf().

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-26 13:20:57 +02:00
Jouni Malinen
cad9b88be2 Fix CONFIG_OS=none build
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-25 16:37:12 +02:00
Jouni Malinen
ff013b94ca Fix CONFIG_OS=internal build
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-25 16:37:12 +02:00
Jouni Malinen
7781da6b2b Remove unused find_first_bit()
This was used only for the VHT capability checks for determining bit
offset for right shift. That was replaced with a constant defines since
there is no need to calculate this at runtime.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 19:01:25 +02:00
Jouni Malinen
7bdd8981f7 Check os_snprintf() result more consistently - automatic 2
This converts os_snprintf() result validation cases to use
os_snprintf_error() where the comparison was 'res > size' instead of
'res >= size'. These changes were done automatically with spatch using
the following semantic patch:

@@
identifier E1;
expression E2,E3,E4,E5,E6;
statement S1;
@@

(
  E1 = os_snprintf(E2, E3, ...);
|
  int E1 = os_snprintf(E2, E3, ...);
|
  if (E5)
	E1 = os_snprintf(E2, E3, ...);
  else
	E1 = os_snprintf(E2, E3, ...);
|
  if (E5)
	E1 = os_snprintf(E2, E3, ...);
  else if (E6)
	E1 = os_snprintf(E2, E3, ...);
  else
	E1 = 0;
|
  if (E5) {
	...
	E1 = os_snprintf(E2, E3, ...);
  } else {
	...
	return -1;
  }
|
  if (E5) {
	...
	E1 = os_snprintf(E2, E3, ...);
  } else if (E6) {
	...
	E1 = os_snprintf(E2, E3, ...);
  } else {
	...
	return -1;
  }
|
  if (E5) {
	...
	E1 = os_snprintf(E2, E3, ...);
  } else {
	...
	E1 = os_snprintf(E2, E3, ...);
  }
)
? os_free(E4);
- if (E1 < 0 || \( E1 > E3 \| (size_t) E1 > E3 \| E1 > (int) E3 \))
+ if (os_snprintf_error(E3, E1))
(
  S1
|
{ ... }
)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-08 11:42:07 +02:00
Jouni Malinen
d85e1fc8a5 Check os_snprintf() result more consistently - automatic 1
This converts os_snprintf() result validation cases to use
os_snprintf_error() where the exact rule used in os_snprintf_error() was
used. These changes were done automatically with spatch using the
following semantic patch:

@@
identifier E1;
expression E2,E3,E4,E5,E6;
statement S1;
@@

(
  E1 = os_snprintf(E2, E3, ...);
|
  int E1 = os_snprintf(E2, E3, ...);
|
  if (E5)
	E1 = os_snprintf(E2, E3, ...);
  else
	E1 = os_snprintf(E2, E3, ...);
|
  if (E5)
	E1 = os_snprintf(E2, E3, ...);
  else if (E6)
	E1 = os_snprintf(E2, E3, ...);
  else
	E1 = 0;
|
  if (E5) {
	...
	E1 = os_snprintf(E2, E3, ...);
  } else {
	...
	return -1;
  }
|
  if (E5) {
	...
	E1 = os_snprintf(E2, E3, ...);
  } else if (E6) {
	...
	E1 = os_snprintf(E2, E3, ...);
  } else {
	...
	return -1;
  }
|
  if (E5) {
	...
	E1 = os_snprintf(E2, E3, ...);
  } else {
	...
	E1 = os_snprintf(E2, E3, ...);
  }
)
? os_free(E4);
- if (E1 < 0 || \( E1 >= E3 \| (size_t) E1 >= E3 \| (unsigned int) E1 >= E3 \| E1 >= (int) E3 \))
+ if (os_snprintf_error(E3, E1))
(
  S1
|
{ ... }
)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-08 11:42:07 +02:00
Jouni Malinen
0047306bc9 Add os_snprintf_error() helper
This can be used to check os_snprintf() return value more consistently.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-08 11:42:07 +02:00
Jouni Malinen
ff1dd3e9a1 base64: Try to avoid static analyzer warning (part 2)
Shift right on unsigned char limits the value to 0..63 which is within
bounds for base64_table[]. Anyway, some static analyzers do not seem to
understand that. See if an otherwise unnecessary masking gets rid of
false warnings. (CID 62858)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-08 11:07:56 +02:00
Jouni Malinen
cdbc0baac6 base64: Try to avoid static analyzer warning
Shift right on unsigned char limits the value to 0..63 which is within
bounds for base64_table[]. Anyway, some static analyzers do not seem to
understand that. See if an otherwise unnecessary masking gets rid of
false warnings. (CID 62858)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-06 19:26:56 +02:00
Jouni Malinen
f27f1644a8 PCSC: Make AID copying easier for static analyzers
Use a separate pointer and length field instead of trying to copy from a
struct field that has only part of the full buffer available.
(CID 68115)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-06 12:16:32 +02:00
Jouni Malinen
002a2495be radiotap: Initialize all members in ieee80211_radiotap_iterator_init()
_next_ns_data could look like it would be used uninitialized in
ieee80211_radiotap_iterator_next() to static analyzers. Avoid
unnecessary reports by explicitly initializing all variables in struct
ieee80211_radiotap_iterator. (CID 62878)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-23 21:03:40 +02:00
Jouni Malinen
e7306bcb59 PCSC: Use clearer file TLV length validation step
This makes it easier for static analyzer to confirm that the length
field bounds are checked. WPA_GET_BE16() is also used instead of
explicit byte-swapping operations in this file. (CID 68129)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-23 18:37:10 +02:00
Moshe Benji
71d263ea70 Add wpa_scnprintf() helper function
This provides a simpler version of snprintf that doesn't require further
error checks.

Signed-off-by: Moshe Benji <moshe.benji@intel.com>
Signed-off-by: Eliad Peller <eliad@wizery.com>
2014-11-16 21:40:42 +02:00
Eliad Peller
1b640fd27c Add str_token() function
Add helper function to get the next token from a string.

Signed-off-by: Eliad Peller <eliadx.peller@intel.com>
2014-11-16 21:11:23 +02:00
Kyeyoon Park
6897556455 common: Add definition for ETH_HLEN
Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
2014-10-28 01:08:29 +02:00
Jouni Malinen
ccf79ab256 browser-android: Use execv() directly instead of os_exec()
This allows the URL to be passed as a single argument to the program
instead of getting split into multiple by os_exec(). This makes the
operation more robust for cases where the URL could have been received
from an external source and could potentially add extra arguments to the
command line.

In addition, fix the /system/bin/input execution by using system() for
it instead of execv() through os_exec(). /system/bin/input is a script
that execv() won't be able to run. Since the full command line is
specified, system() can be used for this. The keycode is also changed
from 3 to KEYCODE_HOME to make this work with current Android version.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-21 23:32:17 +03:00
Jouni Malinen
c94382259d browser-wpadebug: Use execv() directly instead of os_exec()
This allows the URL to be passed as a single argument to the program
instead of getting split into multiple by os_exec(). This makes the
operation more robust for cases where the URL could have been received
from an external source and could potentially add extra arguments to the
command line.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-21 23:32:17 +03:00
Jouni Malinen
22444bb246 browser-system: Use execv() directly instead of os_exec()
This allows the URL to be passed as a single argument to the program
instead of getting split into multiple by os_exec(). This makes the
operation more robust for cases where the URL could have been received
from an external source and could potentially add extra arguments to the
command line.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-21 23:32:17 +03:00
Toby Gray
f5c649b769 Fix warning about unused parameter if CONFIG_DEBUG_FILE is not defined.
This change adds a cast to void to indicate that the path parameter is
unused when CONFIG_DEBUG_FILE is not defined. This fixes a compiler
warning about unused parameters.

Signed-off-by: Toby Gray <toby.gray@realvnc.com>
2014-10-12 16:49:12 +03:00
Jouni Malinen
2b28ef6ca8 browser-wpadebug: Use more robust mechanism for starting browser
Use os_exec() to run the external browser to avoid undesired command
line processing for control interface event strings. Previously, it
could have been possible for some of the event strings to include
unsanitized data which is not suitable for system() use.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-09 17:38:25 +03:00
Jouni Malinen
3d8a3ffcf0 browser-android: Use more robust mechanism for starting browser
Use os_exec() to run the external browser to avoid undesired command
line processing for control interface event strings. Previously, it
could have been possible for some of the event strings to include
unsanitized data which is not suitable for system() use.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-09 17:38:25 +03:00
Jouni Malinen
17dc39a8bc browser-system: Use more robust mechanism for starting browser
Use os_exec() to run the external browser to avoid undesired command
line processing for control interface event strings. Previously, it
could have been possible for some of the event strings to include
unsanitized data which is not suitable for system() use.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-09 17:38:25 +03:00
Jouni Malinen
89de07a944 Add os_exec() helper to run external programs
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-09 17:38:25 +03:00
Jouni Malinen
1cbdb9d137 Add helper function for generating random MAC addresses with same OUI
random_mac_addr_keep_oui() is similar to random_mac_addr(), but it
maintains the OUI part of the source address.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-30 00:40:23 +03:00
Bernhard Walle
a8833b84f4 util: Don't use "\e"
'\e' representing ESC (0x1b) is not C standard, it's an GNU extension.
https://gcc.gnu.org/onlinedocs/gcc/Character-Escapes.html#Character-Escapes

Since the code also compiles on Windows with Microsoft compiler, we
should use '\033' instead.

Note: I didn't try to build the whole wpa_supplicant on Windows, so I
don't know if it still builds (I have no Visual Studio 2005 for a quick
test). I just needed the string conversion routines for the P"" syntax
in both directions.

Signed-off-by: Bernhard Walle <bernhard@bwalle.de>
2014-09-28 19:16:32 +03:00
Jouni Malinen
4d8fb63799 Add helper function for generating random MAC addresses
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-27 19:12:02 +03:00
Jouni Malinen
9c196f7703 HTTP: Fix OCSP status check
Due to a missing curly brackets, the OCSP status checking was not
working in the expected way. Instead of allowing optional-OCSP
configuration to accept connection when OCSP response was ready, all
such cases were marked as hard failures. In addition, the debug prints
were not necessarily accurate for the mandatory-OCSP-but-no-response
case (CID 72694, CID 72704).

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-07 18:30:58 +03:00
Jouni Malinen
6a6566c7af Remove unnecessarily shadowed local variable
The same local X509 *cert variable can be used for both the X509_dup()
calls.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-07 16:40:33 +03:00
Elliott Hughes
ec5357323c Android: Always #include <sys/...>, not <linux/...>
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2014-07-31 16:59:23 +03:00
Jouni Malinen
905c7223b1 Add wpa_msg_global_ctrl()
This is similar to wpa_msg_global() in the same way as wpa_msg_ctrl() is
to wpa_msg(). In other words, wpa_msg_global_ctrl() is used to send
global control interface events without printing them into the debug
log.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-07-26 13:04:03 +03:00
Jouni Malinen
d1ecca6c15 HS 2.0 R2: Clear hs20-osu-client configuration keys explicitly
Use an explicit memset call to clear any hs20-osu-client configuration
parameter that contains private information like keys or identity. This
brings in an additional layer of protection by reducing the length of
time this type of private data is kept in memory.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-07-02 12:38:48 +03:00
Jouni Malinen
19c48da06b Clear wpa_supplicant configuration keys explicitly
Use an explicit memset call to clear any wpa_supplicant configuration
parameter that contains private information like keys or identity. This
brings in an additional layer of protection by reducing the length of
time this type of private data is kept in memory.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-07-02 12:38:48 +03:00
Jouni Malinen
70bfc77161 PCSC: Debug print extra response data
This shows any extra data from USIM response and also avoids a static
analyzer warning on dead increment.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-07-02 12:38:48 +03:00
Jouni Malinen
afc3c8b07f Add constant time memory comparison function os_memcmp_const
This function is meant for comparing passwords or hash values where
difference in execution time could provide external observer information
about the location of the difference in the memory buffers. The return
value does not behave like os_memcmp(), i.e., os_memcmp_const() cannot
be used to sort items into a defined order. Unlike os_memcmp(),
execution time of os_memcmp_const() does not depend on the contents of
the compared memory buffers, but only on the total compared length.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-07-02 12:38:47 +03:00
Jouni Malinen
ee54e4010e tests: printf_encode unit test for bounds checking
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-06-02 17:36:51 +03:00
Stuart Henderson
5dff6dff63 Fix off-by-one bounds checking in printf_encode()
The off-by-one error in printf_encode() bounds checking could have
allowed buffer overflow with 0x00 being written to the memory position
following the last octet of the target buffer. Since this output is used
as \0-terminated string, the following operation would likely read past
the buffer as well. Either of these operations can result in the process
dying either due to buffer overflow protection or by a read from
unallowed address.

This has been seen to cause wpa_supplicant crash on OpenBSD when control
interface client attaches (debug print shows the client socket address).
Similarly, it may be possible to trigger the issue in RADIUS/EAP server
implementation within hostapd with a suitable constructed user name.

Signed-off-by: Stuart Henderson <sthen@openbsd.org>
2014-06-02 17:36:18 +03:00
Jouni Malinen
f347935f0d tests: Unit tests for WPA_TRACE
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-27 00:03:06 +03:00
Jouni Malinen
a3fe74bde1 tests: Add unit tests for ext_password
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-26 23:57:32 +03:00