[pkg-wpa-devel] r969 - in /wpasupplicant/trunk: debian/ src/ src/common/ src/crypto/ src/drivers/ src/eap_common/ src/eap_peer/ src/eap_server/ src/hlr_auc_gw/ src/tls/ src/utils/ src/wps/ wpa_supplicant/ wpa_supplicant/vs2005/eapol_test/ wpa_supplicant/vs2005/wpa_supplicant/ wpa_supplicant/vs2005/wpasvc/ wpa_supplicant/wpa_gui-qt4/ wpa_supplicant/wpa_gui/
kelmo-guest at users.alioth.debian.org
kelmo-guest at users.alioth.debian.org
Tue Jan 1 13:55:42 UTC 2008
Author: kelmo-guest
Date: Tue Jan 1 13:55:42 2008
New Revision: 969
URL: http://svn.debian.org/wsvn/pkg-wpa/?sc=1&rev=969
Log:
import new git snapshot
Added:
wpasupplicant/trunk/src/crypto/dh_groups.c
- copied unchanged from r968, wpasupplicant/branches/upstream/current/src/crypto/dh_groups.c
wpasupplicant/trunk/src/crypto/dh_groups.h
- copied unchanged from r968, wpasupplicant/branches/upstream/current/src/crypto/dh_groups.h
wpasupplicant/trunk/src/eap_common/eap_ikev2_common.c
- copied unchanged from r968, wpasupplicant/branches/upstream/current/src/eap_common/eap_ikev2_common.c
wpasupplicant/trunk/src/eap_common/eap_ikev2_common.h
- copied unchanged from r968, wpasupplicant/branches/upstream/current/src/eap_common/eap_ikev2_common.h
wpasupplicant/trunk/src/eap_common/ikev2_common.c
- copied unchanged from r968, wpasupplicant/branches/upstream/current/src/eap_common/ikev2_common.c
wpasupplicant/trunk/src/eap_common/ikev2_common.h
- copied unchanged from r968, wpasupplicant/branches/upstream/current/src/eap_common/ikev2_common.h
wpasupplicant/trunk/src/eap_peer/eap_ikev2.c
- copied unchanged from r968, wpasupplicant/branches/upstream/current/src/eap_peer/eap_ikev2.c
wpasupplicant/trunk/src/eap_peer/ikev2.c
- copied unchanged from r968, wpasupplicant/branches/upstream/current/src/eap_peer/ikev2.c
wpasupplicant/trunk/src/eap_peer/ikev2.h
- copied unchanged from r968, wpasupplicant/branches/upstream/current/src/eap_peer/ikev2.h
wpasupplicant/trunk/src/eap_server/eap_ikev2.c
- copied unchanged from r968, wpasupplicant/branches/upstream/current/src/eap_server/eap_ikev2.c
wpasupplicant/trunk/src/eap_server/ikev2.c
- copied unchanged from r968, wpasupplicant/branches/upstream/current/src/eap_server/ikev2.c
wpasupplicant/trunk/src/eap_server/ikev2.h
- copied unchanged from r968, wpasupplicant/branches/upstream/current/src/eap_server/ikev2.h
wpasupplicant/trunk/src/wps/
- copied from r968, wpasupplicant/branches/upstream/current/src/wps/
Modified:
wpasupplicant/trunk/debian/changelog
wpasupplicant/trunk/src/Makefile
wpasupplicant/trunk/src/common/wpa_common.c
wpasupplicant/trunk/src/crypto/aes_wrap.c
wpasupplicant/trunk/src/crypto/aes_wrap.h
wpasupplicant/trunk/src/crypto/crypto.h
wpasupplicant/trunk/src/crypto/crypto_internal.c
wpasupplicant/trunk/src/crypto/crypto_openssl.c
wpasupplicant/trunk/src/crypto/ms_funcs.c
wpasupplicant/trunk/src/crypto/ms_funcs.h
wpasupplicant/trunk/src/crypto/sha1.h
wpasupplicant/trunk/src/crypto/tls.h
wpasupplicant/trunk/src/drivers/driver.h
wpasupplicant/trunk/src/drivers/driver_ndis.c
wpasupplicant/trunk/src/drivers/driver_wext.c
wpasupplicant/trunk/src/drivers/scan_helpers.c
wpasupplicant/trunk/src/eap_common/eap_defs.h
wpasupplicant/trunk/src/eap_common/eap_gpsk_common.c
wpasupplicant/trunk/src/eap_common/eap_psk_common.c
wpasupplicant/trunk/src/eap_common/eap_psk_common.h
wpasupplicant/trunk/src/eap_common/eap_sim_common.c
wpasupplicant/trunk/src/eap_common/eap_wsc_common.c
wpasupplicant/trunk/src/eap_common/eap_wsc_common.h
wpasupplicant/trunk/src/eap_peer/eap_fast.c
wpasupplicant/trunk/src/eap_peer/eap_methods.c
wpasupplicant/trunk/src/eap_peer/eap_mschapv2.c
wpasupplicant/trunk/src/eap_peer/eap_psk.c
wpasupplicant/trunk/src/eap_peer/eap_wsc.c
wpasupplicant/trunk/src/eap_server/eap_methods.c
wpasupplicant/trunk/src/eap_server/eap_mschapv2.c
wpasupplicant/trunk/src/eap_server/eap_peap.c
wpasupplicant/trunk/src/eap_server/eap_psk.c
wpasupplicant/trunk/src/eap_server/eap_ttls.c
wpasupplicant/trunk/src/eap_server/eap_wsc.c
wpasupplicant/trunk/src/hlr_auc_gw/milenage.c
wpasupplicant/trunk/src/hlr_auc_gw/milenage.h
wpasupplicant/trunk/src/tls/bignum.c
wpasupplicant/trunk/src/tls/tlsv1_client_write.c
wpasupplicant/trunk/src/tls/tlsv1_server_read.c
wpasupplicant/trunk/src/tls/tlsv1_server_write.c
wpasupplicant/trunk/src/utils/common.h
wpasupplicant/trunk/src/utils/wpabuf.c
wpasupplicant/trunk/src/utils/wpabuf.h
wpasupplicant/trunk/wpa_supplicant/ChangeLog
wpasupplicant/trunk/wpa_supplicant/Makefile
wpasupplicant/trunk/wpa_supplicant/README
wpasupplicant/trunk/wpa_supplicant/README-Windows.txt
wpasupplicant/trunk/wpa_supplicant/defconfig
wpasupplicant/trunk/wpa_supplicant/events.c
wpasupplicant/trunk/wpa_supplicant/vs2005/eapol_test/eapol_test.vcproj
wpasupplicant/trunk/wpa_supplicant/vs2005/wpa_supplicant/wpa_supplicant.vcproj
wpasupplicant/trunk/wpa_supplicant/vs2005/wpasvc/wpasvc.vcproj
wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/setup-mingw-cross-compiling
wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/wpagui.cpp
wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/wpamsg.h
wpasupplicant/trunk/wpa_supplicant/wpa_gui/wpamsg.h
wpasupplicant/trunk/wpa_supplicant/wpa_supplicant.c
wpasupplicant/trunk/wpa_supplicant/wpa_supplicant.conf
Modified: wpasupplicant/trunk/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/debian/changelog?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/debian/changelog (original)
+++ wpasupplicant/trunk/debian/changelog Tue Jan 1 13:55:42 2008
@@ -1,4 +1,4 @@
-wpasupplicant (0.6.2~git20071227.f320a8b-1) UNRELEASED; urgency=low
+wpasupplicant (0.6.2~git20080101.5da67aa-1) UNRELEASED; urgency=low
* New upstream git snapshot.
* Allow "wpa-key-mgmt NONE" to form a network block via the wpa_cli calls in
@@ -62,7 +62,7 @@
code. It also closes all child windows on File->Exit. (Closes: #426924)
* wpasupplicant now Suggests wpagui.
- -- Kel Modderman <kel at otaku42.de> Fri, 28 Dec 2007 12:14:40 +1000
+ -- Kel Modderman <kel at otaku42.de> Tue, 01 Jan 2008 23:55:04 +1000
wpasupplicant (0.6.1~git20071119-1) unstable; urgency=low
Modified: wpasupplicant/trunk/src/Makefile
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/Makefile?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/src/Makefile (original)
+++ wpasupplicant/trunk/src/Makefile Tue Jan 1 13:55:42 2008
@@ -1,4 +1,4 @@
-SUBDIRS=common crypto drivers hlr_auc_gw eapol_supp eap_common eap_peer eap_server l2_packet radius rsn_supp tls utils
+SUBDIRS=common crypto drivers hlr_auc_gw eapol_supp eap_common eap_peer eap_server l2_packet radius rsn_supp tls utils wps
all:
@echo Nothing to be made.
Modified: wpasupplicant/trunk/src/common/wpa_common.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/common/wpa_common.c?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/src/common/wpa_common.c (original)
+++ wpasupplicant/trunk/src/common/wpa_common.c Tue Jan 1 13:55:42 2008
@@ -58,8 +58,7 @@
break;
#ifdef CONFIG_IEEE80211R
case WPA_KEY_INFO_TYPE_AES_128_CMAC:
- omac1_aes_128(key, buf, len, mic);
- break;
+ return omac1_aes_128(key, buf, len, mic);
#endif /* CONFIG_IEEE80211R */
default:
return -1;
@@ -171,9 +170,12 @@
}
wpa_hexdump(MSG_MSGDUMP, "FT: MIC data", buf, pos - buf);
- if (use_aes_cmac)
- omac1_aes_128(kck, buf, pos - buf, mic);
- else
+ if (use_aes_cmac) {
+ if (omac1_aes_128(kck, buf, pos - buf, mic)) {
+ os_free(buf);
+ return -1;
+ }
+ } else
hmac_md5(kck, 16, buf, pos - buf, mic);
os_free(buf);
Modified: wpasupplicant/trunk/src/crypto/aes_wrap.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/crypto/aes_wrap.c?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/src/crypto/aes_wrap.c (original)
+++ wpasupplicant/trunk/src/crypto/aes_wrap.c Tue Jan 1 13:55:42 2008
@@ -345,7 +345,7 @@
u8 *buf;
size_t buf_len;
u8 nonce_mac[BLOCK_SIZE], hdr_mac[BLOCK_SIZE], data_mac[BLOCK_SIZE];
- int i;
+ int i, ret = -1;
if (nonce_len > data_len)
buf_len = nonce_len;
@@ -363,23 +363,29 @@
buf[15] = 0;
os_memcpy(buf + 16, nonce, nonce_len);
- omac1_aes_128(key, buf, 16 + nonce_len, nonce_mac);
+ if (omac1_aes_128(key, buf, 16 + nonce_len, nonce_mac))
+ goto fail;
buf[15] = 1;
os_memcpy(buf + 16, hdr, hdr_len);
- omac1_aes_128(key, buf, 16 + hdr_len, hdr_mac);
-
- aes_128_ctr_encrypt(key, nonce_mac, data, data_len);
+ if (omac1_aes_128(key, buf, 16 + hdr_len, hdr_mac))
+ goto fail;
+
+ if (aes_128_ctr_encrypt(key, nonce_mac, data, data_len))
+ goto fail;
buf[15] = 2;
os_memcpy(buf + 16, data, data_len);
- omac1_aes_128(key, buf, 16 + data_len, data_mac);
-
- os_free(buf);
+ if (omac1_aes_128(key, buf, 16 + data_len, data_mac))
+ goto fail;
for (i = 0; i < BLOCK_SIZE; i++)
tag[i] = nonce_mac[i] ^ data_mac[i] ^ hdr_mac[i];
- return 0;
+ ret = 0;
+fail:
+ os_free(buf);
+
+ return ret;
}
@@ -420,15 +426,24 @@
buf[15] = 0;
os_memcpy(buf + 16, nonce, nonce_len);
- omac1_aes_128(key, buf, 16 + nonce_len, nonce_mac);
+ if (omac1_aes_128(key, buf, 16 + nonce_len, nonce_mac)) {
+ os_free(buf);
+ return -1;
+ }
buf[15] = 1;
os_memcpy(buf + 16, hdr, hdr_len);
- omac1_aes_128(key, buf, 16 + hdr_len, hdr_mac);
+ if (omac1_aes_128(key, buf, 16 + hdr_len, hdr_mac)) {
+ os_free(buf);
+ return -1;
+ }
buf[15] = 2;
os_memcpy(buf + 16, data, data_len);
- omac1_aes_128(key, buf, 16 + data_len, data_mac);
+ if (omac1_aes_128(key, buf, 16 + data_len, data_mac)) {
+ os_free(buf);
+ return -1;
+ }
os_free(buf);
@@ -437,9 +452,7 @@
return -2;
}
- aes_128_ctr_encrypt(key, nonce_mac, data, data_len);
-
- return 0;
+ return aes_128_ctr_encrypt(key, nonce_mac, data, data_len);
}
#endif /* CONFIG_NO_AES_EAX */
Modified: wpasupplicant/trunk/src/crypto/aes_wrap.h
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/crypto/aes_wrap.h?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/src/crypto/aes_wrap.h (original)
+++ wpasupplicant/trunk/src/crypto/aes_wrap.h Tue Jan 1 13:55:42 2008
@@ -22,23 +22,27 @@
#ifndef AES_WRAP_H
#define AES_WRAP_H
-int aes_wrap(const u8 *kek, int n, const u8 *plain, u8 *cipher);
-int aes_unwrap(const u8 *kek, int n, const u8 *cipher, u8 *plain);
-int omac1_aes_128_vector(const u8 *key, size_t num_elem,
- const u8 *addr[], const size_t *len, u8 *mac);
-int omac1_aes_128(const u8 *key, const u8 *data, size_t data_len, u8 *mac);
-int aes_128_encrypt_block(const u8 *key, const u8 *in, u8 *out);
-int aes_128_ctr_encrypt(const u8 *key, const u8 *nonce,
- u8 *data, size_t data_len);
-int aes_128_eax_encrypt(const u8 *key, const u8 *nonce, size_t nonce_len,
- const u8 *hdr, size_t hdr_len,
- u8 *data, size_t data_len, u8 *tag);
-int aes_128_eax_decrypt(const u8 *key, const u8 *nonce, size_t nonce_len,
- const u8 *hdr, size_t hdr_len,
- u8 *data, size_t data_len, const u8 *tag);
-int aes_128_cbc_encrypt(const u8 *key, const u8 *iv, u8 *data,
- size_t data_len);
-int aes_128_cbc_decrypt(const u8 *key, const u8 *iv, u8 *data,
- size_t data_len);
+int __must_check aes_wrap(const u8 *kek, int n, const u8 *plain, u8 *cipher);
+int __must_check aes_unwrap(const u8 *kek, int n, const u8 *cipher, u8 *plain);
+int __must_check omac1_aes_128_vector(const u8 *key, size_t num_elem,
+ const u8 *addr[], const size_t *len,
+ u8 *mac);
+int __must_check omac1_aes_128(const u8 *key, const u8 *data, size_t data_len,
+ u8 *mac);
+int __must_check aes_128_encrypt_block(const u8 *key, const u8 *in, u8 *out);
+int __must_check aes_128_ctr_encrypt(const u8 *key, const u8 *nonce,
+ u8 *data, size_t data_len);
+int __must_check aes_128_eax_encrypt(const u8 *key,
+ const u8 *nonce, size_t nonce_len,
+ const u8 *hdr, size_t hdr_len,
+ u8 *data, size_t data_len, u8 *tag);
+int __must_check aes_128_eax_decrypt(const u8 *key,
+ const u8 *nonce, size_t nonce_len,
+ const u8 *hdr, size_t hdr_len,
+ u8 *data, size_t data_len, const u8 *tag);
+int __must_check aes_128_cbc_encrypt(const u8 *key, const u8 *iv, u8 *data,
+ size_t data_len);
+int __must_check aes_128_cbc_decrypt(const u8 *key, const u8 *iv, u8 *data,
+ size_t data_len);
#endif /* AES_WRAP_H */
Modified: wpasupplicant/trunk/src/crypto/crypto.h
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/crypto/crypto.h?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/src/crypto/crypto.h (original)
+++ wpasupplicant/trunk/src/crypto/crypto.h Tue Jan 1 13:55:42 2008
@@ -1,6 +1,6 @@
/*
* WPA Supplicant / wrapper functions for crypto libraries
- * Copyright (c) 2004-2005, Jouni Malinen <j at w1.fi>
+ * Copyright (c) 2004-2007, Jouni Malinen <j at w1.fi>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
@@ -67,7 +67,8 @@
* Publication 186-2 for EAP-SIM. This PRF uses a function that is similar to
* SHA-1, but has different message padding.
*/
-int fips186_2_prf(const u8 *seed, size_t seed_len, u8 *x, size_t xlen);
+int __must_check fips186_2_prf(const u8 *seed, size_t seed_len, u8 *x,
+ size_t xlen);
/**
* sha256_vector - SHA256 hash for data vector
@@ -222,8 +223,8 @@
* (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
* to implement this.
*/
-int crypto_cipher_encrypt(struct crypto_cipher *ctx, const u8 *plain,
- u8 *crypt, size_t len);
+int __must_check crypto_cipher_encrypt(struct crypto_cipher *ctx,
+ const u8 *plain, u8 *crypt, size_t len);
/**
* crypto_cipher_decrypt - Cipher decrypt
@@ -237,8 +238,8 @@
* (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
* to implement this.
*/
-int crypto_cipher_decrypt(struct crypto_cipher *ctx, const u8 *crypt,
- u8 *plain, size_t len);
+int __must_check crypto_cipher_decrypt(struct crypto_cipher *ctx,
+ const u8 *crypt, u8 *plain, size_t len);
/**
* crypto_cipher_decrypt - Free cipher context
@@ -313,9 +314,9 @@
* (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
* to implement this.
*/
-int crypto_public_key_encrypt_pkcs1_v15(struct crypto_public_key *key,
- const u8 *in, size_t inlen,
- u8 *out, size_t *outlen);
+int __must_check crypto_public_key_encrypt_pkcs1_v15(
+ struct crypto_public_key *key, const u8 *in, size_t inlen,
+ u8 *out, size_t *outlen);
/**
* crypto_private_key_decrypt_pkcs1_v15 - Private key decryption (PKCS #1 v1.5)
@@ -330,9 +331,9 @@
* (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
* to implement this.
*/
-int crypto_private_key_decrypt_pkcs1_v15(struct crypto_private_key *key,
- const u8 *in, size_t inlen,
- u8 *out, size_t *outlen);
+int __must_check crypto_private_key_decrypt_pkcs1_v15(
+ struct crypto_private_key *key, const u8 *in, size_t inlen,
+ u8 *out, size_t *outlen);
/**
* crypto_private_key_sign_pkcs1 - Sign with private key (PKCS #1)
@@ -347,9 +348,9 @@
* (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
* to implement this.
*/
-int crypto_private_key_sign_pkcs1(struct crypto_private_key *key,
- const u8 *in, size_t inlen,
- u8 *out, size_t *outlen);
+int __must_check crypto_private_key_sign_pkcs1(struct crypto_private_key *key,
+ const u8 *in, size_t inlen,
+ u8 *out, size_t *outlen);
/**
* crypto_public_key_free - Free public key
@@ -380,9 +381,9 @@
* @plain_len: Plaintext length (max buffer size on input, real len on output);
* Returns: 0 on success, -1 on failure
*/
-int crypto_public_key_decrypt_pkcs1(struct crypto_public_key *key,
- const u8 *crypt, size_t crypt_len,
- u8 *plain, size_t *plain_len);
+int __must_check crypto_public_key_decrypt_pkcs1(
+ struct crypto_public_key *key, const u8 *crypt, size_t crypt_len,
+ u8 *plain, size_t *plain_len);
/**
* crypto_global_init - Initialize crypto wrapper
@@ -391,7 +392,7 @@
* (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
* to implement this.
*/
-int crypto_global_init(void);
+int __must_check crypto_global_init(void);
/**
* crypto_global_deinit - Deinitialize crypto wrapper
@@ -422,9 +423,9 @@
* (CONFIG_TLS=internal). If that is not used, the crypto wrapper does not need
* to implement this.
*/
-int crypto_mod_exp(const u8 *base, size_t base_len,
- const u8 *power, size_t power_len,
- const u8 *modulus, size_t modulus_len,
- u8 *result, size_t *result_len);
+int __must_check crypto_mod_exp(const u8 *base, size_t base_len,
+ const u8 *power, size_t power_len,
+ const u8 *modulus, size_t modulus_len,
+ u8 *result, size_t *result_len);
#endif /* CRYPTO_H */
Modified: wpasupplicant/trunk/src/crypto/crypto_internal.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/crypto/crypto_internal.c?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/src/crypto/crypto_internal.c (original)
+++ wpasupplicant/trunk/src/crypto/crypto_internal.c Tue Jan 1 13:55:42 2008
@@ -684,7 +684,7 @@
u8 *result, size_t *result_len)
{
struct bignum *bn_base, *bn_exp, *bn_modulus, *bn_result;
- int ret = 0;
+ int ret = -1;
bn_base = bignum_init();
bn_exp = bignum_init();
Modified: wpasupplicant/trunk/src/crypto/crypto_openssl.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/crypto/crypto_openssl.c?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/src/crypto/crypto_openssl.c (original)
+++ wpasupplicant/trunk/src/crypto/crypto_openssl.c Tue Jan 1 13:55:42 2008
@@ -19,6 +19,7 @@
#include <openssl/sha.h>
#include <openssl/des.h>
#include <openssl/aes.h>
+#include <openssl/bn.h>
#include "common.h"
#include "crypto.h"
@@ -207,3 +208,41 @@
os_free(ctx);
}
#endif /* EAP_TLS_FUNCS */
+
+
+int crypto_mod_exp(const u8 *base, size_t base_len,
+ const u8 *power, size_t power_len,
+ const u8 *modulus, size_t modulus_len,
+ u8 *result, size_t *result_len)
+{
+ BIGNUM *bn_base, *bn_exp, *bn_modulus, *bn_result;
+ int ret = -1;
+ BN_CTX *ctx;
+
+ ctx = BN_CTX_new();
+ if (ctx == NULL)
+ return -1;
+
+ bn_base = BN_bin2bn(base, base_len, NULL);
+ bn_exp = BN_bin2bn(power, power_len, NULL);
+ bn_modulus = BN_bin2bn(modulus, modulus_len, NULL);
+ bn_result = BN_new();
+
+ if (bn_base == NULL || bn_exp == NULL || bn_modulus == NULL ||
+ bn_result == NULL)
+ goto error;
+
+ if (BN_mod_exp(bn_result, bn_base, bn_exp, bn_modulus, ctx) != 1)
+ goto error;
+
+ *result_len = BN_bn2bin(bn_result, result);
+ ret = 0;
+
+error:
+ BN_free(bn_base);
+ BN_free(bn_exp);
+ BN_free(bn_modulus);
+ BN_free(bn_result);
+ BN_CTX_free(ctx);
+ return ret;
+}
Modified: wpasupplicant/trunk/src/crypto/ms_funcs.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/crypto/ms_funcs.c?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/src/crypto/ms_funcs.c (original)
+++ wpasupplicant/trunk/src/crypto/ms_funcs.c Tue Jan 1 13:55:42 2008
@@ -62,7 +62,7 @@
size_t i, len;
if (password_len > 256)
- return;
+ password_len = 256;
/* Convert password into unicode */
for (i = 0; i < password_len; i++) {
@@ -391,8 +391,9 @@
* @old_password: 0-to-256-unicode-char OldPassword (IN; ASCII)
* @old_password_len: Length of old_password
* @encrypted_pw_block: 516-octet EncryptedPwBlock (OUT)
- */
-void new_password_encrypted_with_old_nt_password_hash(
+ * Returns: 0 on success, -1 on failure
+ */
+int new_password_encrypted_with_old_nt_password_hash(
const u8 *new_password, size_t new_password_len,
const u8 *old_password, size_t old_password_len,
u8 *encrypted_pw_block)
@@ -400,8 +401,11 @@
u8 password_hash[16];
nt_password_hash(old_password, old_password_len, password_hash);
- encrypt_pw_block_with_password_hash(new_password, new_password_len,
- password_hash, encrypted_pw_block);
+ if (encrypt_pw_block_with_password_hash(new_password, new_password_len,
+ password_hash,
+ encrypted_pw_block))
+ return -1;
+ return 0;
}
Modified: wpasupplicant/trunk/src/crypto/ms_funcs.h
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/crypto/ms_funcs.h?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/src/crypto/ms_funcs.h (original)
+++ wpasupplicant/trunk/src/crypto/ms_funcs.h Tue Jan 1 13:55:42 2008
@@ -47,10 +47,10 @@
void get_asymetric_start_key(const u8 *master_key, u8 *session_key,
size_t session_key_len, int is_send,
int is_server);
-int encrypt_pw_block_with_password_hash(
+int __must_check encrypt_pw_block_with_password_hash(
const u8 *password, size_t password_len,
const u8 *password_hash, u8 *pw_block);
-void new_password_encrypted_with_old_nt_password_hash(
+int __must_check new_password_encrypted_with_old_nt_password_hash(
const u8 *new_password, size_t new_password_len,
const u8 *old_password, size_t old_password_len,
u8 *encrypted_pw_block);
Modified: wpasupplicant/trunk/src/crypto/sha1.h
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/crypto/sha1.h?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/src/crypto/sha1.h (original)
+++ wpasupplicant/trunk/src/crypto/sha1.h Tue Jan 1 13:55:42 2008
@@ -25,8 +25,9 @@
const u8 *data, size_t data_len, u8 *buf, size_t buf_len);
void sha1_t_prf(const u8 *key, size_t key_len, const char *label,
const u8 *seed, size_t seed_len, u8 *buf, size_t buf_len);
-int tls_prf(const u8 *secret, size_t secret_len, const char *label,
- const u8 *seed, size_t seed_len, u8 *out, size_t outlen);
+int __must_check tls_prf(const u8 *secret, size_t secret_len,
+ const char *label, const u8 *seed, size_t seed_len,
+ u8 *out, size_t outlen);
void pbkdf2_sha1(const char *passphrase, const char *ssid, size_t ssid_len,
int iterations, u8 *buf, size_t buflen);
Modified: wpasupplicant/trunk/src/crypto/tls.h
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/crypto/tls.h?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/src/crypto/tls.h (original)
+++ wpasupplicant/trunk/src/crypto/tls.h Tue Jan 1 13:55:42 2008
@@ -189,8 +189,9 @@
* TLS_SET_PARAMS_ENGINE_PRV_VERIFY_FAILED (-3) on failure to verify the
* PKCS#11 engine private key.
*/
-int tls_connection_set_params(void *tls_ctx, struct tls_connection *conn,
- const struct tls_connection_params *params);
+int __must_check
+tls_connection_set_params(void *tls_ctx, struct tls_connection *conn,
+ const struct tls_connection_params *params);
/**
* tls_global_set_params - Set TLS parameters for all TLS connection
@@ -202,8 +203,8 @@
* TLS_SET_PARAMS_ENGINE_PRV_VERIFY_FAILED (-3) on failure to verify the
* PKCS#11 engine private key.
*/
-int tls_global_set_params(void *tls_ctx,
- const struct tls_connection_params *params);
+int __must_check tls_global_set_params(
+ void *tls_ctx, const struct tls_connection_params *params);
/**
* tls_global_set_verify - Set global certificate verification options
@@ -212,7 +213,7 @@
* 2 = verify CRL for all certificates
* Returns: 0 on success, -1 on failure
*/
-int tls_global_set_verify(void *tls_ctx, int check_crl);
+int __must_check tls_global_set_verify(void *tls_ctx, int check_crl);
/**
* tls_connection_set_verify - Set certificate verification options
@@ -221,8 +222,9 @@
* @verify_peer: 1 = verify peer certificate
* Returns: 0 on success, -1 on failure
*/
-int tls_connection_set_verify(void *tls_ctx, struct tls_connection *conn,
- int verify_peer);
+int __must_check tls_connection_set_verify(void *tls_ctx,
+ struct tls_connection *conn,
+ int verify_peer);
/**
* tls_connection_set_ia - Set TLS/IA parameters
@@ -234,8 +236,9 @@
* This function is used to configure TLS/IA in server mode where
* tls_connection_set_params() is not used.
*/
-int tls_connection_set_ia(void *tls_ctx, struct tls_connection *conn,
- int tls_ia);
+int __must_check tls_connection_set_ia(void *tls_ctx,
+ struct tls_connection *conn,
+ int tls_ia);
/**
* tls_connection_get_keys - Get master key and random data from TLS connection
@@ -244,8 +247,9 @@
* @keys: Structure of key/random data (filled on success)
* Returns: 0 on success, -1 on failure
*/
-int tls_connection_get_keys(void *tls_ctx, struct tls_connection *conn,
- struct tls_keys *keys);
+int __must_check tls_connection_get_keys(void *tls_ctx,
+ struct tls_connection *conn,
+ struct tls_keys *keys);
/**
* tls_connection_prf - Use TLS-PRF to derive keying material
@@ -267,9 +271,11 @@
* when it is called with seed set to client_random|server_random (or
* server_random|client_random).
*/
-int tls_connection_prf(void *tls_ctx, struct tls_connection *conn,
- const char *label, int server_random_first,
- u8 *out, size_t out_len);
+int __must_check tls_connection_prf(void *tls_ctx,
+ struct tls_connection *conn,
+ const char *label,
+ int server_random_first,
+ u8 *out, size_t out_len);
/**
* tls_connection_handshake - Process TLS handshake (client side)
@@ -335,9 +341,10 @@
* This function is used after TLS handshake has been completed successfully to
* send data in the encrypted tunnel.
*/
-int tls_connection_encrypt(void *tls_ctx, struct tls_connection *conn,
- const u8 *in_data, size_t in_len,
- u8 *out_data, size_t out_len);
+int __must_check tls_connection_encrypt(void *tls_ctx,
+ struct tls_connection *conn,
+ const u8 *in_data, size_t in_len,
+ u8 *out_data, size_t out_len);
/**
* tls_connection_decrypt - Decrypt data from TLS tunnel
@@ -352,9 +359,10 @@
* This function is used after TLS handshake has been completed successfully to
* receive data from the encrypted tunnel.
*/
-int tls_connection_decrypt(void *tls_ctx, struct tls_connection *conn,
- const u8 *in_data, size_t in_len,
- u8 *out_data, size_t out_len);
+int __must_check tls_connection_decrypt(void *tls_ctx,
+ struct tls_connection *conn,
+ const u8 *in_data, size_t in_len,
+ u8 *out_data, size_t out_len);
/**
* tls_connection_resumed - Was session resumption used
@@ -380,8 +388,9 @@
* (TLS_CIPHER_*).
* Returns: 0 on success, -1 on failure
*/
-int tls_connection_set_cipher_list(void *tls_ctx, struct tls_connection *conn,
- u8 *ciphers);
+int __must_check tls_connection_set_cipher_list(void *tls_ctx,
+ struct tls_connection *conn,
+ u8 *ciphers);
/**
* tls_get_cipher - Get current cipher name
@@ -393,8 +402,8 @@
*
* Get the name of the currently used cipher.
*/
-int tls_get_cipher(void *tls_ctx, struct tls_connection *conn,
- char *buf, size_t buflen);
+int __must_check tls_get_cipher(void *tls_ctx, struct tls_connection *conn,
+ char *buf, size_t buflen);
/**
* tls_connection_enable_workaround - Enable TLS workaround options
@@ -405,8 +414,8 @@
* This function is used to enable connection-specific workaround options for
* buffer SSL/TLS implementations.
*/
-int tls_connection_enable_workaround(void *tls_ctx,
- struct tls_connection *conn);
+int __must_check tls_connection_enable_workaround(void *tls_ctx,
+ struct tls_connection *conn);
/**
* tls_connection_client_hello_ext - Set TLS extension for ClientHello
@@ -417,9 +426,10 @@
* @data_len: Extension payload length
* Returns: 0 on success, -1 on failure
*/
-int tls_connection_client_hello_ext(void *tls_ctx, struct tls_connection *conn,
- int ext_type, const u8 *data,
- size_t data_len);
+int __must_check tls_connection_client_hello_ext(void *tls_ctx,
+ struct tls_connection *conn,
+ int ext_type, const u8 *data,
+ size_t data_len);
/**
* tls_connection_get_failed - Get connection failure status
@@ -479,10 +489,9 @@
* This function is used to send the TLS/IA end phase message, e.g., when the
* EAP server completes EAP-TTLSv1.
*/
-int tls_connection_ia_send_phase_finished(void *tls_ctx,
- struct tls_connection *conn,
- int final,
- u8 *out_data, size_t out_len);
+int __must_check tls_connection_ia_send_phase_finished(
+ void *tls_ctx, struct tls_connection *conn, int final,
+ u8 *out_data, size_t out_len);
/**
* tls_connection_ia_final_phase_finished - Has final phase been completed
@@ -491,8 +500,8 @@
* Returns: 1 if valid FinalPhaseFinished has been received, 0 if not, or -1
* on failure
*/
-int tls_connection_ia_final_phase_finished(void *tls_ctx,
- struct tls_connection *conn);
+int __must_check tls_connection_ia_final_phase_finished(
+ void *tls_ctx, struct tls_connection *conn);
/**
* tls_connection_ia_permute_inner_secret - Permute TLS/IA inner secret
@@ -503,17 +512,16 @@
* @key_len: Length of session key material
* Returns: 0 on success, -1 on failure
*/
-int tls_connection_ia_permute_inner_secret(void *tls_ctx,
- struct tls_connection *conn,
- const u8 *key, size_t key_len);
+int __must_check tls_connection_ia_permute_inner_secret(
+ void *tls_ctx, struct tls_connection *conn,
+ const u8 *key, size_t key_len);
typedef int (*tls_session_ticket_cb)
(void *ctx, const u8 *ticket, size_t len, const u8 *client_random,
const u8 *server_random, u8 *master_secret);
-int tls_connection_set_session_ticket_cb(void *tls_ctx,
- struct tls_connection *conn,
- tls_session_ticket_cb cb,
- void *ctx);
+int __must_check tls_connection_set_session_ticket_cb(
+ void *tls_ctx, struct tls_connection *conn,
+ tls_session_ticket_cb cb, void *ctx);
#endif /* TLS_H */
Modified: wpasupplicant/trunk/src/drivers/driver.h
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/drivers/driver.h?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/src/drivers/driver.h (original)
+++ wpasupplicant/trunk/src/drivers/driver.h Tue Jan 1 13:55:42 2008
@@ -1207,5 +1207,6 @@
u8 * wpa_scan_get_vendor_ie(struct wpa_scan_res *res, u32 vendor_type);
int wpa_scan_get_max_rate(struct wpa_scan_res *res);
void wpa_scan_results_free(struct wpa_scan_results *res);
+void wpa_scan_sort_results(struct wpa_scan_results *res);
#endif /* DRIVER_H */
Modified: wpasupplicant/trunk/src/drivers/driver_ndis.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/drivers/driver_ndis.c?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/src/drivers/driver_ndis.c (original)
+++ wpasupplicant/trunk/src/drivers/driver_ndis.c Tue Jan 1 13:55:42 2008
@@ -729,90 +729,49 @@
}
-static void wpa_driver_ndis_get_ies(struct wpa_scan_result *res, u8 *ie,
- size_t ie_len)
-{
- u8 *pos = ie;
- u8 *end = ie + ie_len;
- NDIS_802_11_FIXED_IEs *fixed;
-
- if (ie_len < sizeof(NDIS_802_11_FIXED_IEs))
- return;
-
- fixed = (NDIS_802_11_FIXED_IEs *) pos;
- res->tsf = WPA_GET_LE64(fixed->Timestamp);
- pos += sizeof(NDIS_802_11_FIXED_IEs);
- /* wpa_hexdump(MSG_MSGDUMP, "IEs", pos, end - pos); */
- while (pos + 1 < end && pos + 2 + pos[1] <= end) {
- u8 ielen = 2 + pos[1];
- if (pos[0] == WLAN_EID_VENDOR_SPECIFIC && pos[1] >= 4 &&
- os_memcmp(pos + 2, "\x00\x50\xf2\x01", 4) == 0) {
- if (ielen > SSID_MAX_WPA_IE_LEN) {
- pos += ielen;
- continue;
- }
- os_memcpy(res->wpa_ie, pos, ielen);
- res->wpa_ie_len = ielen;
- } else if (pos[0] == WLAN_EID_RSN) {
- if (ielen > SSID_MAX_WPA_IE_LEN) {
- pos += ielen;
- continue;
- }
- os_memcpy(res->rsn_ie, pos, ielen);
- res->rsn_ie_len = ielen;
- }
- pos += ielen;
- }
-}
-
-
-static int wpa_driver_ndis_get_scan_results(void *priv,
- struct wpa_scan_result *results,
- size_t max_size)
+static struct wpa_scan_results * wpa_driver_ndis_get_scan_results(void *priv)
{
struct wpa_driver_ndis_data *drv = priv;
NDIS_802_11_BSSID_LIST_EX *b;
size_t blen, count, i;
- int len, j;
+ int len;
char *pos;
+ struct wpa_scan_results *results;
+ struct wpa_scan_res *r;
blen = 65535;
b = os_zalloc(blen);
if (b == NULL)
- return -1;
+ return NULL;
len = ndis_get_oid(drv, OID_802_11_BSSID_LIST, (char *) b, blen);
if (len < 0) {
wpa_printf(MSG_DEBUG, "NDIS: failed to get scan results");
os_free(b);
- return -1;
+ return NULL;
}
count = b->NumberOfItems;
- if (count > max_size)
- count = max_size;
-
- os_memset(results, 0, max_size * sizeof(struct wpa_scan_result));
+ results = os_zalloc(sizeof(*results));
+ if (results == NULL) {
+ os_free(b);
+ return NULL;
+ }
+ results->res = os_zalloc(count * sizeof(struct wpa_scan_res *));
+ if (results->res == NULL) {
+ os_free(results);
+ os_free(b);
+ return NULL;
+ }
+
pos = (char *) &b->Bssid[0];
for (i = 0; i < count; i++) {
NDIS_WLAN_BSSID_EX *bss = (NDIS_WLAN_BSSID_EX *) pos;
- os_memcpy(results[i].bssid, bss->MacAddress, ETH_ALEN);
- os_memcpy(results[i].ssid, bss->Ssid.Ssid,
- bss->Ssid.SsidLength);
- results[i].ssid_len = bss->Ssid.SsidLength;
- if (bss->Privacy)
- results[i].caps |= IEEE80211_CAP_PRIVACY;
- if (bss->InfrastructureMode == Ndis802_11IBSS)
- results[i].caps |= IEEE80211_CAP_IBSS;
- else if (bss->InfrastructureMode == Ndis802_11Infrastructure)
- results[i].caps |= IEEE80211_CAP_ESS;
- results[i].level = (int) bss->Rssi;
- results[i].freq = bss->Configuration.DSConfig / 1000;
- for (j = 0; j < sizeof(bss->SupportedRates); j++) {
- if ((bss->SupportedRates[j] & 0x7f) >
- results[i].maxrate) {
- results[i].maxrate =
- bss->SupportedRates[j] & 0x7f;
- }
+ NDIS_802_11_FIXED_IEs *fixed;
+
+ if (bss->IELength < sizeof(NDIS_802_11_FIXED_IEs)) {
+ wpa_printf(MSG_DEBUG, "NDIS: too small IELength=%d",
+ (int) bss->IELength);
+ break;
}
if (((char *) bss->IEs) + bss->IELength > (char *) b + blen) {
/*
@@ -823,18 +782,37 @@
*/
wpa_printf(MSG_DEBUG, "NDIS: skipped invalid scan "
"result IE (BSSID=" MACSTR ") IELength=%d",
- MAC2STR(results[i].bssid),
+ MAC2STR(bss->MacAddress),
(int) bss->IELength);
break;
}
- wpa_driver_ndis_get_ies(&results[i], bss->IEs, bss->IELength);
+
+ r = os_zalloc(sizeof(*r) + bss->IELength -
+ sizeof(NDIS_802_11_FIXED_IEs));
+ if (r == NULL)
+ break;
+
+ os_memcpy(r->bssid, bss->MacAddress, ETH_ALEN);
+ r->level = (int) bss->Rssi;
+ r->freq = bss->Configuration.DSConfig / 1000;
+ fixed = (NDIS_802_11_FIXED_IEs *) bss->IEs;
+ r->beacon_int = WPA_GET_LE16((u8 *) &fixed->BeaconInterval);
+ r->caps = WPA_GET_LE16((u8 *) &fixed->Capabilities);
+ r->tsf = WPA_GET_LE64(fixed->Timestamp);
+ os_memcpy(r + 1, bss->IEs + sizeof(NDIS_802_11_FIXED_IEs),
+ bss->IELength - sizeof(NDIS_802_11_FIXED_IEs));
+ r->ie_len = bss->IELength - sizeof(NDIS_802_11_FIXED_IEs);
+
+ results->res[results->num++] = r;
+
pos += bss->Length;
if (pos > (char *) b + blen)
break;
}
os_free(b);
- return (int) count;
+
+ return results;
}
@@ -2826,7 +2804,7 @@
NULL /* set_countermeasures */,
NULL /* set_drop_unencrypted */,
wpa_driver_ndis_scan,
- wpa_driver_ndis_get_scan_results,
+ NULL /* get_scan_results */,
wpa_driver_ndis_deauthenticate,
wpa_driver_ndis_disassociate,
wpa_driver_ndis_associate,
@@ -2849,5 +2827,6 @@
NULL /* mlme_add_sta */,
NULL /* mlme_remove_sta */,
NULL /* update_ft_ies */,
- NULL /* send_ft_action */
+ NULL /* send_ft_action */,
+ wpa_driver_ndis_get_scan_results
};
Modified: wpasupplicant/trunk/src/drivers/driver_wext.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/drivers/driver_wext.c?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/src/drivers/driver_wext.c (original)
+++ wpasupplicant/trunk/src/drivers/driver_wext.c Tue Jan 1 13:55:42 2008
@@ -1125,52 +1125,6 @@
drv->ctx);
return ret;
-}
-
-
-/* Compare function for sorting scan results. Return >0 if @b is considered
- * better. */
-static int wpa_scan_result_compar(const void *a, const void *b)
-{
- struct wpa_scan_res **_wa = (void *) a;
- struct wpa_scan_res **_wb = (void *) b;
- struct wpa_scan_res *wa = *_wa;
- struct wpa_scan_res *wb = *_wb;
- int wpa_a, wpa_b, maxrate_a, maxrate_b;
-
- /* WPA/WPA2 support preferred */
- wpa_a = wpa_scan_get_vendor_ie(wa, WPA_IE_VENDOR_TYPE) != NULL ||
- wpa_scan_get_ie(wa, WLAN_EID_RSN) != NULL;
- wpa_b = wpa_scan_get_vendor_ie(wb, WPA_IE_VENDOR_TYPE) != NULL ||
- wpa_scan_get_ie(wb, WLAN_EID_RSN) != NULL;
-
- if (wpa_b && !wpa_a)
- return 1;
- if (!wpa_b && wpa_a)
- return -1;
-
- /* privacy support preferred */
- if ((wa->caps & IEEE80211_CAP_PRIVACY) == 0 &&
- (wb->caps & IEEE80211_CAP_PRIVACY))
- return 1;
- if ((wa->caps & IEEE80211_CAP_PRIVACY) &&
- (wb->caps & IEEE80211_CAP_PRIVACY) == 0)
- return -1;
-
- /* best/max rate preferred if signal level close enough XXX */
- maxrate_a = wpa_scan_get_max_rate(wa);
- maxrate_b = wpa_scan_get_max_rate(wb);
- if (maxrate_a != maxrate_b && abs(wb->level - wa->level) < 5)
- return maxrate_b - maxrate_a;
-
- /* use freq for channel preference */
-
- /* all things being equal, use signal level; if signal levels are
- * identical, use quality values since some drivers may only report
- * that value and leave the signal level zero */
- if (wb->level == wa->level)
- return wb->qual - wa->qual;
- return wb->level - wa->level;
}
@@ -1394,6 +1348,7 @@
if (tmp == NULL)
return;
hexstr2bin(spos, tmp + res->ie_len, bytes);
+ res->ie = tmp;
res->ie_len += bytes;
} else if (clen > 4 && os_strncmp(custom, "tsf=", 4) == 0) {
char *spos;
@@ -1583,9 +1538,6 @@
if (!first)
wpa_driver_wext_add_scan_entry(res, &data);
os_free(data.ie);
-
- qsort(res->res, res->num, sizeof(struct wpa_scan_res *),
- wpa_scan_result_compar);
wpa_printf(MSG_DEBUG, "Received %lu bytes of scan results (%lu BSSes)",
(unsigned long) len, (unsigned long) res->num);
Modified: wpasupplicant/trunk/src/drivers/scan_helpers.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/drivers/scan_helpers.c?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/src/drivers/scan_helpers.c (original)
+++ wpasupplicant/trunk/src/drivers/scan_helpers.c Tue Jan 1 13:55:42 2008
@@ -92,3 +92,56 @@
os_free(res->res);
os_free(res);
}
+
+
+/* Compare function for sorting scan results. Return >0 if @b is considered
+ * better. */
+static int wpa_scan_result_compar(const void *a, const void *b)
+{
+ struct wpa_scan_res **_wa = (void *) a;
+ struct wpa_scan_res **_wb = (void *) b;
+ struct wpa_scan_res *wa = *_wa;
+ struct wpa_scan_res *wb = *_wb;
+ int wpa_a, wpa_b, maxrate_a, maxrate_b;
+
+ /* WPA/WPA2 support preferred */
+ wpa_a = wpa_scan_get_vendor_ie(wa, WPA_IE_VENDOR_TYPE) != NULL ||
+ wpa_scan_get_ie(wa, WLAN_EID_RSN) != NULL;
+ wpa_b = wpa_scan_get_vendor_ie(wb, WPA_IE_VENDOR_TYPE) != NULL ||
+ wpa_scan_get_ie(wb, WLAN_EID_RSN) != NULL;
+
+ if (wpa_b && !wpa_a)
+ return 1;
+ if (!wpa_b && wpa_a)
+ return -1;
+
+ /* privacy support preferred */
+ if ((wa->caps & IEEE80211_CAP_PRIVACY) == 0 &&
+ (wb->caps & IEEE80211_CAP_PRIVACY))
+ return 1;
+ if ((wa->caps & IEEE80211_CAP_PRIVACY) &&
+ (wb->caps & IEEE80211_CAP_PRIVACY) == 0)
+ return -1;
+
+ /* best/max rate preferred if signal level close enough XXX */
+ maxrate_a = wpa_scan_get_max_rate(wa);
+ maxrate_b = wpa_scan_get_max_rate(wb);
+ if (maxrate_a != maxrate_b && abs(wb->level - wa->level) < 5)
+ return maxrate_b - maxrate_a;
+
+ /* use freq for channel preference */
+
+ /* all things being equal, use signal level; if signal levels are
+ * identical, use quality values since some drivers may only report
+ * that value and leave the signal level zero */
+ if (wb->level == wa->level)
+ return wb->qual - wa->qual;
+ return wb->level - wa->level;
+}
+
+
+void wpa_scan_sort_results(struct wpa_scan_results *res)
+{
+ qsort(res->res, res->num, sizeof(struct wpa_scan_res *),
+ wpa_scan_result_compar);
+}
Modified: wpasupplicant/trunk/src/eap_common/eap_defs.h
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/eap_common/eap_defs.h?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/src/eap_common/eap_defs.h (original)
+++ wpasupplicant/trunk/src/eap_common/eap_defs.h Tue Jan 1 13:55:42 2008
@@ -38,6 +38,10 @@
/* EAP Request and Response data begins with one octet Type. Success and
* Failure do not have additional data. */
+/*
+ * EAP Method Types as allocated by IANA:
+ * http://www.iana.org/assignments/eap-numbers
+ */
typedef enum {
EAP_TYPE_NONE = 0,
EAP_TYPE_IDENTITY = 1 /* RFC 3748 */,
@@ -61,6 +65,7 @@
EAP_TYPE_PAX = 46 /* RFC 4746 */,
EAP_TYPE_PSK = 47 /* RFC 4764 */,
EAP_TYPE_SAKE = 48 /* RFC 4763 */,
+ EAP_TYPE_IKEV2 = 49 /* draft-tschofenig-eap-ikev2-15.txt */,
EAP_TYPE_EXPANDED = 254 /* RFC 3748 */,
EAP_TYPE_GPSK = 255 /* EXPERIMENTAL - type not yet allocated
* draft-ietf-emu-eap-gpsk-01.txt */
Modified: wpasupplicant/trunk/src/eap_common/eap_gpsk_common.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/eap_common/eap_gpsk_common.c?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/src/eap_common/eap_gpsk_common.c (original)
+++ wpasupplicant/trunk/src/eap_common/eap_gpsk_common.c Tue Jan 1 13:55:42 2008
@@ -66,7 +66,8 @@
n = (len + hashlen - 1) / hashlen;
for (i = 1; i <= n; i++) {
WPA_PUT_BE16(ibuf, i);
- omac1_aes_128_vector(psk, 2, addr, vlen, hash);
+ if (omac1_aes_128_vector(psk, 2, addr, vlen, hash))
+ return -1;
clen = left > hashlen ? hashlen : left;
os_memcpy(opos, hash, clen);
opos += clen;
Modified: wpasupplicant/trunk/src/eap_common/eap_psk_common.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/eap_common/eap_psk_common.c?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/src/eap_common/eap_psk_common.c (original)
+++ wpasupplicant/trunk/src/eap_common/eap_psk_common.c Tue Jan 1 13:55:42 2008
@@ -22,43 +22,53 @@
#define aes_block_size 16
-void eap_psk_key_setup(const u8 *psk, u8 *ak, u8 *kdk)
+int eap_psk_key_setup(const u8 *psk, u8 *ak, u8 *kdk)
{
os_memset(ak, 0, aes_block_size);
- aes_128_encrypt_block(psk, ak, ak);
+ if (aes_128_encrypt_block(psk, ak, ak))
+ return -1;
os_memcpy(kdk, ak, aes_block_size);
ak[aes_block_size - 1] ^= 0x01;
kdk[aes_block_size - 1] ^= 0x02;
- aes_128_encrypt_block(psk, ak, ak);
- aes_128_encrypt_block(psk, kdk, kdk);
+ if (aes_128_encrypt_block(psk, ak, ak) ||
+ aes_128_encrypt_block(psk, kdk, kdk))
+ return -1;
+ return 0;
}
-void eap_psk_derive_keys(const u8 *kdk, const u8 *rand_p, u8 *tek, u8 *msk,
- u8 *emsk)
+int eap_psk_derive_keys(const u8 *kdk, const u8 *rand_p, u8 *tek, u8 *msk,
+ u8 *emsk)
{
u8 hash[aes_block_size];
u8 counter = 1;
int i;
- aes_128_encrypt_block(kdk, rand_p, hash);
+ if (aes_128_encrypt_block(kdk, rand_p, hash))
+ return -1;
hash[aes_block_size - 1] ^= counter;
- aes_128_encrypt_block(kdk, hash, tek);
+ if (aes_128_encrypt_block(kdk, hash, tek))
+ return -1;
hash[aes_block_size - 1] ^= counter;
counter++;
for (i = 0; i < EAP_MSK_LEN / aes_block_size; i++) {
hash[aes_block_size - 1] ^= counter;
- aes_128_encrypt_block(kdk, hash, &msk[i * aes_block_size]);
+ if (aes_128_encrypt_block(kdk, hash, &msk[i * aes_block_size]))
+ return -1;
hash[aes_block_size - 1] ^= counter;
counter++;
}
for (i = 0; i < EAP_EMSK_LEN / aes_block_size; i++) {
hash[aes_block_size - 1] ^= counter;
- aes_128_encrypt_block(kdk, hash, &emsk[i * aes_block_size]);
+ if (aes_128_encrypt_block(kdk, hash,
+ &emsk[i * aes_block_size]))
+ return -1;
hash[aes_block_size - 1] ^= counter;
counter++;
}
+
+ return 0;
}
Modified: wpasupplicant/trunk/src/eap_common/eap_psk_common.h
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/eap_common/eap_psk_common.h?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/src/eap_common/eap_psk_common.h (original)
+++ wpasupplicant/trunk/src/eap_common/eap_psk_common.h Tue Jan 1 13:55:42 2008
@@ -71,8 +71,8 @@
#endif /* _MSC_VER */
-void eap_psk_key_setup(const u8 *psk, u8 *ak, u8 *kdk);
-void eap_psk_derive_keys(const u8 *kdk, const u8 *rand_p, u8 *tek, u8 *msk,
- u8 *emsk);
+int __must_check eap_psk_key_setup(const u8 *psk, u8 *ak, u8 *kdk);
+int __must_check eap_psk_derive_keys(const u8 *kdk, const u8 *rand_p, u8 *tek,
+ u8 *msk, u8 *emsk);
#endif /* EAP_PSK_COMMON_H */
Modified: wpasupplicant/trunk/src/eap_common/eap_sim_common.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/eap_common/eap_sim_common.c?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/src/eap_common/eap_sim_common.c (original)
+++ wpasupplicant/trunk/src/eap_common/eap_sim_common.c Tue Jan 1 13:55:42 2008
@@ -611,7 +611,10 @@
return NULL;
os_memcpy(decrypted, encr_data, encr_data_len);
- aes_128_cbc_decrypt(k_encr, iv, decrypted, encr_data_len);
+ if (aes_128_cbc_decrypt(k_encr, iv, decrypted, encr_data_len)) {
+ os_free(decrypted);
+ return NULL;
+ }
wpa_hexdump(MSG_MSGDUMP, "EAP-SIM: Decrypted AT_ENCR_DATA",
decrypted, encr_data_len);
@@ -810,11 +813,9 @@
wpa_printf(MSG_DEBUG, " (AT_ENCR_DATA data len %lu)",
(unsigned long) encr_len);
wpabuf_mhead_u8(msg->buf)[msg->encr + 1] = encr_len / 4 + 1;
- aes_128_cbc_encrypt(k_encr, wpabuf_head_u8(msg->buf) + msg->iv,
- wpabuf_mhead_u8(msg->buf) + msg->encr + 4,
- encr_len);
-
- return 0;
+ return aes_128_cbc_encrypt(k_encr, wpabuf_head_u8(msg->buf) + msg->iv,
+ wpabuf_mhead_u8(msg->buf) + msg->encr + 4,
+ encr_len);
}
Modified: wpasupplicant/trunk/src/eap_common/eap_wsc_common.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/eap_common/eap_wsc_common.c?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/src/eap_common/eap_wsc_common.c (original)
+++ wpasupplicant/trunk/src/eap_common/eap_wsc_common.c Tue Jan 1 13:55:42 2008
@@ -17,6 +17,7 @@
#include "common.h"
#include "eap_defs.h"
#include "eap_common.h"
+#include "wps/wps.h"
#include "eap_wsc_common.h"
struct wpabuf * eap_wsc_build_frag_ack(u8 id, u8 code)
Modified: wpasupplicant/trunk/src/eap_common/eap_wsc_common.h
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/eap_common/eap_wsc_common.h?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/src/eap_common/eap_wsc_common.h (original)
+++ wpasupplicant/trunk/src/eap_common/eap_wsc_common.h Tue Jan 1 13:55:42 2008
@@ -17,15 +17,6 @@
#define EAP_VENDOR_TYPE_WSC 1
-enum wsc_op_code {
- WSC_Start = 0x01,
- WSC_ACK = 0x02,
- WSC_NACK = 0x03,
- WSC_MSG = 0x04,
- WSC_Done = 0x05,
- WSC_FRAG_ACK = 0x06
-};
-
#define WSC_FLAGS_MF 0x01
#define WSC_FLAGS_LF 0x02
Modified: wpasupplicant/trunk/src/eap_peer/eap_fast.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/eap_peer/eap_fast.c?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/src/eap_peer/eap_fast.c (original)
+++ wpasupplicant/trunk/src/eap_peer/eap_fast.c Tue Jan 1 13:55:42 2008
@@ -212,7 +212,10 @@
* fragments before data, so disable that workaround for CBC.
* TODO: consider making this configurable
*/
- tls_connection_enable_workaround(sm->ssl_ctx, data->ssl.conn);
+ if (tls_connection_enable_workaround(sm->ssl_ctx, data->ssl.conn)) {
+ wpa_printf(MSG_DEBUG, "EAP-FAST: Failed to enable TLS "
+ "workarounds");
+ }
if (data->use_pac_binary_format &&
eap_fast_load_pac_bin(sm, &data->pac, config->pac_file) < 0) {
@@ -1432,10 +1435,10 @@
in_decrypted);
if (wpabuf_len(in_decrypted) < 4) {
- wpabuf_free(in_decrypted);
wpa_printf(MSG_INFO, "EAP-FAST: Too short Phase 2 "
"TLV frame (len=%lu)",
(unsigned long) wpabuf_len(in_decrypted));
+ wpabuf_free(in_decrypted);
return -1;
}
Modified: wpasupplicant/trunk/src/eap_peer/eap_methods.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/eap_peer/eap_methods.c?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/src/eap_peer/eap_methods.c (original)
+++ wpasupplicant/trunk/src/eap_peer/eap_methods.c Tue Jan 1 13:55:42 2008
@@ -462,6 +462,13 @@
}
#endif /* EAP_WSC */
+#ifdef EAP_IKEV2
+ if (ret == 0) {
+ int eap_peer_ikev2_register(void);
+ ret = eap_peer_ikev2_register();
+ }
+#endif /* EAP_IKEV2 */
+
#ifdef EAP_VENDOR_TEST
if (ret == 0) {
int eap_peer_vendor_test_register(void);
Modified: wpasupplicant/trunk/src/eap_peer/eap_mschapv2.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/eap_peer/eap_mschapv2.c?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/src/eap_peer/eap_mschapv2.c (original)
+++ wpasupplicant/trunk/src/eap_peer/eap_mschapv2.c Tue Jan 1 13:55:42 2008
@@ -623,13 +623,15 @@
/* Encrypted-Password */
if (pwhash) {
- encrypt_pw_block_with_password_hash(
- new_password, new_password_len,
- password, cp->encr_password);
+ if (encrypt_pw_block_with_password_hash(
+ new_password, new_password_len,
+ password, cp->encr_password))
+ goto fail;
} else {
- new_password_encrypted_with_old_nt_password_hash(
- new_password, new_password_len,
- password, password_len, cp->encr_password);
+ if (new_password_encrypted_with_old_nt_password_hash(
+ new_password, new_password_len,
+ password, password_len, cp->encr_password))
+ goto fail;
}
/* Encrypted-Hash */
@@ -647,10 +649,8 @@
}
/* Peer-Challenge */
- if (os_get_random(cp->peer_challenge, MSCHAPV2_CHAL_LEN)) {
- wpabuf_free(resp);
- return NULL;
- }
+ if (os_get_random(cp->peer_challenge, MSCHAPV2_CHAL_LEN))
+ goto fail;
/* Reserved, must be zero */
os_memset(cp->reserved, 0, 8);
@@ -694,6 +694,10 @@
"(change pw)", id, ms->mschapv2_id);
return resp;
+
+fail:
+ wpabuf_free(resp);
+ return NULL;
}
Modified: wpasupplicant/trunk/src/eap_peer/eap_psk.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/eap_peer/eap_psk.c?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/src/eap_peer/eap_psk.c (original)
+++ wpasupplicant/trunk/src/eap_peer/eap_psk.c Tue Jan 1 13:55:42 2008
@@ -48,7 +48,10 @@
data = os_zalloc(sizeof(*data));
if (data == NULL)
return NULL;
- eap_psk_key_setup(config->eappsk, data->ak, data->kdk);
+ if (eap_psk_key_setup(config->eappsk, data->ak, data->kdk)) {
+ os_free(data);
+ return NULL;
+ }
wpa_hexdump_key(MSG_DEBUG, "EAP-PSK: AK", data->ak, EAP_PSK_AK_LEN);
wpa_hexdump_key(MSG_DEBUG, "EAP-PSK: KDK", data->kdk, EAP_PSK_KDK_LEN);
data->state = PSK_INIT;
@@ -154,7 +157,11 @@
os_memcpy(pos, hdr1->rand_s, EAP_PSK_RAND_LEN);
pos += EAP_PSK_RAND_LEN;
os_memcpy(pos, data->rand_p, EAP_PSK_RAND_LEN);
- omac1_aes_128(data->ak, buf, buflen, hdr2->mac_p);
+ if (omac1_aes_128(data->ak, buf, buflen, hdr2->mac_p)) {
+ os_free(buf);
+ wpabuf_free(resp);
+ return NULL;
+ }
os_free(buf);
wpa_hexdump(MSG_DEBUG, "EAP-PSK: RAND_P", hdr2->rand_p,
EAP_PSK_RAND_LEN);
@@ -225,7 +232,10 @@
return NULL;
os_memcpy(buf, data->id_s, data->id_s_len);
os_memcpy(buf + data->id_s_len, data->rand_p, EAP_PSK_RAND_LEN);
- omac1_aes_128(data->ak, buf, buflen, mac);
+ if (omac1_aes_128(data->ak, buf, buflen, mac)) {
+ os_free(buf);
+ return NULL;
+ }
os_free(buf);
if (os_memcmp(mac, hdr3->mac_s, EAP_PSK_MAC_LEN) != 0) {
wpa_printf(MSG_WARNING, "EAP-PSK: Invalid MAC_S in third "
@@ -236,8 +246,12 @@
}
wpa_printf(MSG_DEBUG, "EAP-PSK: MAC_S verified successfully");
- eap_psk_derive_keys(data->kdk, data->rand_p, data->tek,
- data->msk, data->emsk);
+ if (eap_psk_derive_keys(data->kdk, data->rand_p, data->tek,
+ data->msk, data->emsk)) {
+ ret->methodState = METHOD_DONE;
+ ret->decision = DECISION_FAIL;
+ return NULL;
+ }
wpa_hexdump_key(MSG_DEBUG, "EAP-PSK: TEK", data->tek, EAP_PSK_TEK_LEN);
wpa_hexdump_key(MSG_DEBUG, "EAP-PSK: MSK", data->msk, EAP_MSK_LEN);
wpa_hexdump_key(MSG_DEBUG, "EAP-PSK: EMSK", data->emsk, EAP_EMSK_LEN);
@@ -331,9 +345,14 @@
wpa_hexdump(MSG_DEBUG, "EAP-PSK: reply message (plaintext)",
rpchannel + 4 + 16, data_len);
- aes_128_eax_encrypt(data->tek, nonce, sizeof(nonce), wpabuf_head(resp),
- sizeof(struct eap_hdr) + 1 + sizeof(*hdr4),
- rpchannel + 4 + 16, data_len, rpchannel + 4);
+ if (aes_128_eax_encrypt(data->tek, nonce, sizeof(nonce),
+ wpabuf_head(resp),
+ sizeof(struct eap_hdr) + 1 + sizeof(*hdr4),
+ rpchannel + 4 + 16, data_len, rpchannel + 4)) {
+ os_free(decrypted);
+ wpabuf_free(resp);
+ return NULL;
+ }
wpa_hexdump(MSG_DEBUG, "EAP-PSK: reply message (PCHANNEL)",
rpchannel, 4 + 16 + data_len);
Modified: wpasupplicant/trunk/src/eap_peer/eap_wsc.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/eap_peer/eap_wsc.c?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/src/eap_peer/eap_wsc.c (original)
+++ wpasupplicant/trunk/src/eap_peer/eap_wsc.c Tue Jan 1 13:55:42 2008
@@ -17,123 +17,16 @@
#include "common.h"
#include "eap_i.h"
#include "eap_common/eap_wsc_common.h"
-
-
-struct wps_data {
- int registrar;
- int msg_num;
-};
-
-
-static struct wps_data * wps_init(int registrar)
-{
- struct wps_data *data = os_zalloc(sizeof(*data));
- if (data == NULL)
- return NULL;
- data->registrar = registrar;
- data->msg_num = 1;
- return data;
-}
-
-
-static void wps_deinit(struct wps_data *data)
-{
- os_free(data);
-}
-
-
-enum wps_process_res {
- WPS_DONE, WPS_CONTINUE, WPS_FAILURE, WPS_PENDING
-};
-
-static enum wps_process_res wps_process_msg(struct wps_data *wps, u8 op_code,
- const u8 *msg, size_t msg_len)
-{
- /* TODO: proper processing and/or sending to an external process */
-
- wpa_hexdump(MSG_MSGDUMP, "WPS: Received message", msg, msg_len);
- if ((wps->registrar && (wps->msg_num & 1) == 0) ||
- (!wps->registrar && (wps->msg_num & 1) == 1)) {
- wpa_printf(MSG_DEBUG, "WPS: Unexpected message number %d",
- wps->msg_num);
- return WPS_FAILURE;
- }
-
- if (wps->msg_num <= 8 && op_code == WSC_MSG) {
- wpa_printf(MSG_DEBUG, "WPS: Process M%d", wps->msg_num);
- } else if (wps->registrar && wps->msg_num == 9 &&
- op_code == WSC_Done) {
- wpa_printf(MSG_DEBUG, "WPS: Process Done");
- } else {
- wpa_printf(MSG_DEBUG, "WPS: Unexpected Op-Code %d "
- "(msg_num=%d)", op_code, wps->msg_num);
- return WPS_FAILURE;
- }
-
- wps->msg_num++;
- return WPS_CONTINUE;
-
-}
-
-
-static u8 * wps_get_msg(struct wps_data *wps, size_t *msg_len, u8 *op_code)
-{
- u8 *msg;
-
- /* TODO: proper processing and/or query from an external process */
-
- if ((wps->registrar && (wps->msg_num & 1) == 1) ||
- (!wps->registrar && (wps->msg_num & 1) == 0)) {
- wpa_printf(MSG_DEBUG, "WPS: Unexpected request for message "
- "number %d", wps->msg_num);
- return NULL;
- }
-
- if (wps->msg_num == 7 || wps->msg_num == 8) {
- msg = os_zalloc(2000);
- if (msg == NULL)
- return NULL;
- *msg_len = 2000;
- *op_code = WSC_MSG;
- *msg = WSC_MSG;
- wpa_printf(MSG_DEBUG, "WPS: Send M%d", wps->msg_num);
- } else if (wps->msg_num <= 6) {
- msg = os_zalloc(1);
- if (msg == NULL)
- return NULL;
- *msg_len = 1;
- *op_code = WSC_MSG;
- *msg = WSC_MSG;
- wpa_printf(MSG_DEBUG, "WPS: Send M%d", wps->msg_num);
- } else if (!wps->registrar && wps->msg_num == 9) {
- msg = os_zalloc(1);
- if (msg == NULL)
- return NULL;
- *msg_len = 1;
- *op_code = WSC_Done;
- *msg = WSC_Done;
- wpa_printf(MSG_DEBUG, "WPS: Send Done");
- } else if (wps->registrar && wps->msg_num == 10) {
- msg = os_zalloc(1);
- if (msg == NULL)
- return NULL;
- *msg_len = 1;
- *op_code = WSC_ACK;
- *msg = WSC_ACK;
- wpa_printf(MSG_DEBUG, "WPS: Send ACK");
- } else
- return NULL;
-
- wps->msg_num++;
- return msg;
-}
+#include "wps/wps.h"
struct eap_wsc_data {
enum { WAIT_START, MSG, FRAG_ACK, WAIT_FRAG_ACK, DONE, FAIL } state;
int registrar;
- u8 *in_buf, *out_buf, in_op_code, out_op_code;
- size_t in_len, in_used, out_len, out_used;
+ struct wpabuf *in_buf;
+ struct wpabuf *out_buf;
+ u8 in_op_code, out_op_code;
+ size_t out_used;
size_t fragment_size;
struct wps_data *wps;
};
@@ -195,7 +88,7 @@
return NULL;
data->state = registrar ? MSG : WAIT_START;
data->registrar = registrar;
- data->wps = wps_init(registrar);
+ data->wps = wps_init(0, registrar);
if (data->wps == NULL) {
os_free(data);
return NULL;
@@ -209,8 +102,8 @@
static void eap_wsc_deinit(struct eap_sm *sm, void *priv)
{
struct eap_wsc_data *data = priv;
- os_free(data->in_buf);
- os_free(data->out_buf);
+ wpabuf_free(data->in_buf);
+ wpabuf_free(data->out_buf);
wps_deinit(data->wps);
os_free(data);
}
@@ -228,7 +121,7 @@
ret->allowNotifications = TRUE;
flags = 0;
- send_len = data->out_len - data->out_used;
+ send_len = wpabuf_len(data->out_buf) - data->out_used;
if (2 + send_len > data->fragment_size) {
send_len = data->fragment_size - 2;
flags |= WSC_FLAGS_MF;
@@ -248,21 +141,22 @@
wpabuf_put_u8(resp, data->out_op_code); /* Op-Code */
wpabuf_put_u8(resp, flags); /* Flags */
if (flags & WSC_FLAGS_LF)
- wpabuf_put_be16(resp, data->out_len);
-
- wpabuf_put_data(resp, data->out_buf + data->out_used, send_len);
+ wpabuf_put_be16(resp, wpabuf_len(data->out_buf));
+
+ wpabuf_put_data(resp, wpabuf_head_u8(data->out_buf) + data->out_used,
+ send_len);
data->out_used += send_len;
ret->methodState = METHOD_MAY_CONT;
ret->decision = DECISION_FAIL;
- if (data->out_used == data->out_len) {
+ if (data->out_used == wpabuf_len(data->out_buf)) {
wpa_printf(MSG_DEBUG, "EAP-WSC: Sending out %lu bytes "
"(message sent completely)",
(unsigned long) send_len);
- os_free(data->out_buf);
+ wpabuf_free(data->out_buf);
data->out_buf = NULL;
- data->out_len = data->out_used = 0;
+ data->out_used = 0;
if ((data->state == FAIL && data->out_op_code == WSC_ACK) ||
data->out_op_code == WSC_NACK ||
data->out_op_code == WSC_Done) {
@@ -273,11 +167,73 @@
} else {
wpa_printf(MSG_DEBUG, "EAP-WSC: Sending out %lu bytes "
"(%lu more to send)", (unsigned long) send_len,
- (unsigned long) data->out_len - data->out_used);
+ (unsigned long) wpabuf_len(data->out_buf) -
+ data->out_used);
eap_wsc_state(data, WAIT_FRAG_ACK);
}
return resp;
+}
+
+
+static int eap_wsc_process_cont(struct eap_wsc_data *data,
+ const u8 *buf, size_t len, u8 op_code)
+{
+ /* Process continuation of a pending message */
+ if (op_code != data->in_op_code) {
+ wpa_printf(MSG_DEBUG, "EAP-WSC: Unexpected Op-Code %d in "
+ "fragment (expected %d)",
+ op_code, data->in_op_code);
+ return -1;
+ }
+
+ if (len > wpabuf_tailroom(data->in_buf)) {
+ wpa_printf(MSG_DEBUG, "EAP-WSC: Fragment overflow");
+ eap_wsc_state(data, FAIL);
+ return -1;
+ }
+
+ wpabuf_put_data(data->in_buf, buf, len);
+ wpa_printf(MSG_DEBUG, "EAP-WSC: Received %lu bytes, waiting "
+ "for %lu bytes more", (unsigned long) len,
+ (unsigned long) wpabuf_tailroom(data->in_buf));
+
+ return 0;
+}
+
+
+static struct wpabuf * eap_wsc_process_fragment(struct eap_wsc_data *data,
+ struct eap_method_ret *ret,
+ u8 id, u8 flags, u8 op_code,
+ u16 message_length,
+ const u8 *buf, size_t len)
+{
+ /* Process a fragment that is not the last one of the message */
+ if (data->in_buf == NULL && !(flags & WSC_FLAGS_LF)) {
+ wpa_printf(MSG_DEBUG, "EAP-WSC: No Message Length field in a "
+ "fragmented packet");
+ ret->ignore = TRUE;
+ return NULL;
+ }
+
+ if (data->in_buf == NULL) {
+ /* First fragment of the message */
+ data->in_buf = wpabuf_alloc(message_length);
+ if (data->in_buf == NULL) {
+ wpa_printf(MSG_DEBUG, "EAP-WSC: No memory for "
+ "message");
+ ret->ignore = TRUE;
+ return NULL;
+ }
+ data->in_op_code = op_code;
+ wpabuf_put_data(data->in_buf, buf, len);
+ wpa_printf(MSG_DEBUG, "EAP-WSC: Received %lu bytes in first "
+ "fragment, waiting for %lu bytes more",
+ (unsigned long) len,
+ (unsigned long) wpabuf_tailroom(data->in_buf));
+ }
+
+ return eap_wsc_build_frag_ack(id, EAP_CODE_RESPONSE);
}
@@ -290,9 +246,8 @@
size_t len;
u8 op_code, flags, id;
u16 message_length = 0;
- const u8 *msg;
- size_t msg_len;
enum wps_process_res res;
+ struct wpabuf tmpbuf;
pos = eap_hdr_validate(EAP_VENDOR_WFA, EAP_VENDOR_TYPE_WSC, reqData,
&len);
@@ -367,72 +322,29 @@
return NULL;
}
- if (data->in_buf) {
- /* Process continuation of a pending message */
- if (op_code != data->in_op_code) {
- wpa_printf(MSG_DEBUG, "EAP-WSC: Unexpected Op-Code %d "
- "in fragment (expected %d)",
- op_code, data->in_op_code);
- ret->ignore = TRUE;
- return NULL;
- }
-
- if (data->in_used + (end - pos) > data->in_len) {
- wpa_printf(MSG_DEBUG, "EAP-WSC: Fragment overflow");
- ret->ignore = TRUE;
- return NULL;
- }
-
- os_memcpy(data->in_buf + data->in_used, pos, end - pos);
- data->in_used += end - pos;
- wpa_printf(MSG_DEBUG, "EAP-WSC: Received %u bytes, waiting "
- "for %lu bytes more", (unsigned int) (end - pos),
- (unsigned long) data->in_len - data->in_used);
+ if (data->in_buf &&
+ eap_wsc_process_cont(data, pos, end - pos, op_code) < 0) {
+ ret->ignore = TRUE;
+ return NULL;
}
if (flags & WSC_FLAGS_MF) {
- if (data->in_buf == NULL && !(flags & WSC_FLAGS_LF)) {
- wpa_printf(MSG_DEBUG, "EAP-WSC: No Message Length "
- "field in a fragmented packet");
- ret->ignore = TRUE;
- return NULL;
- }
-
- if (data->in_buf == NULL) {
- /* First fragment of the message */
- data->in_buf = os_malloc(message_length);
- if (data->in_buf == NULL) {
- wpa_printf(MSG_DEBUG, "EAP-WSC: No memory for "
- "message");
- ret->ignore = TRUE;
- return NULL;
- }
- data->in_len = message_length;
- data->in_used = end - pos;
- data->in_op_code = op_code;
- os_memcpy(data->in_buf, pos, data->in_used);
- wpa_printf(MSG_DEBUG, "EAP-WSC: Received %lu bytes in "
- "first fragment, waiting for %lu bytes more",
- (unsigned long) data->in_used,
- (unsigned long) data->in_len - data->in_used);
- }
-
- return eap_wsc_build_frag_ack(id, EAP_CODE_RESPONSE);
- }
-
- if (data->in_buf) {
- msg = data->in_buf;
- msg_len = data->in_len;
- } else {
- msg = pos;
- msg_len = end - pos;
- }
-
- res = wps_process_msg(data->wps, op_code, msg, msg_len);
+ return eap_wsc_process_fragment(data, ret, id, flags, op_code,
+ message_length, pos,
+ end - pos);
+ }
+
+ if (data->in_buf == NULL) {
+ /* Wrap unfragmented messages as wpabuf without extra copy */
+ wpabuf_set(&tmpbuf, pos, end - pos);
+ data->in_buf = &tmpbuf;
+ }
+
+ res = wps_process_msg(data->wps, op_code, data->in_buf);
switch (res) {
case WPS_DONE:
wpa_printf(MSG_DEBUG, "EAP-WSC: WPS processing completed "
- "successfully - report EAP failure");
+ "successfully - wait for EAP failure");
eap_wsc_state(data, FAIL);
break;
case WPS_CONTINUE:
@@ -445,22 +357,24 @@
case WPS_PENDING:
wpa_printf(MSG_DEBUG, "EAP-WSC: WPS processing pending");
ret->ignore = TRUE;
- return NULL;
- }
-
- os_free(data->in_buf);
+ if (data->in_buf == &tmpbuf)
+ data->in_buf = NULL;
+ return NULL;
+ }
+
+ if (data->in_buf != &tmpbuf)
+ wpabuf_free(data->in_buf);
data->in_buf = NULL;
- data->in_len = data->in_used = 0;
send_msg:
if (data->out_buf == NULL) {
- data->out_buf = wps_get_msg(data->wps, &data->out_len,
- &data->out_op_code);
+ data->out_buf = wps_get_msg(data->wps, &data->out_op_code);
if (data->out_buf == NULL) {
wpa_printf(MSG_DEBUG, "EAP-WSC: Failed to receive "
"message from WPS");
return NULL;
}
+ data->out_used = 0;
}
eap_wsc_state(data, MSG);
Modified: wpasupplicant/trunk/src/eap_server/eap_methods.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/eap_server/eap_methods.c?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/src/eap_server/eap_methods.c (original)
+++ wpasupplicant/trunk/src/eap_server/eap_methods.c Tue Jan 1 13:55:42 2008
@@ -261,6 +261,13 @@
}
#endif /* EAP_WSC */
+#ifdef EAP_IKEV2
+ if (ret == 0) {
+ int eap_server_ikev2_register(void);
+ ret = eap_server_ikev2_register();
+ }
+#endif /* EAP_IKEV2 */
+
return ret;
}
Modified: wpasupplicant/trunk/src/eap_server/eap_mschapv2.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/eap_server/eap_mschapv2.c?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/src/eap_server/eap_mschapv2.c (original)
+++ wpasupplicant/trunk/src/eap_server/eap_mschapv2.c Tue Jan 1 13:55:42 2008
@@ -397,23 +397,16 @@
* not be saved. */
if (sm->user->password_hash) {
pw_hash = sm->user->password;
- generate_authenticator_response_pwhash(
- sm->user->password, peer_challenge,
- data->auth_challenge, username, username_len,
- nt_response, data->auth_response);
} else {
nt_password_hash(sm->user->password,
sm->user->password_len,
pw_hash_buf);
pw_hash = pw_hash_buf;
- generate_authenticator_response(sm->user->password,
- sm->user->password_len,
- peer_challenge,
- data->auth_challenge,
- username, username_len,
- nt_response,
- data->auth_response);
}
+ generate_authenticator_response_pwhash(
+ pw_hash, peer_challenge, data->auth_challenge,
+ username, username_len, nt_response,
+ data->auth_response);
hash_nt_password_hash(pw_hash, pw_hash_hash);
get_master_key(pw_hash_hash, nt_response, data->master_key);
Modified: wpasupplicant/trunk/src/eap_server/eap_peap.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/eap_server/eap_peap.c?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/src/eap_server/eap_peap.c (original)
+++ wpasupplicant/trunk/src/eap_server/eap_peap.c Tue Jan 1 13:55:42 2008
@@ -532,23 +532,26 @@
}
hdr = wpabuf_head(in_decrypted);
if (wpabuf_len(in_decrypted) < (int) sizeof(*hdr)) {
+ wpa_printf(MSG_INFO, "EAP-PEAP: Too short Phase 2 "
+ "EAP frame (len=%lu)",
+ (unsigned long) wpabuf_len(in_decrypted));
wpabuf_free(in_decrypted);
- wpa_printf(MSG_INFO, "EAP-PEAP: Too short Phase 2 "
- "EAP frame (len=%d)", wpabuf_len(in_decrypted));
eap_peap_req_failure(sm, data);
return;
}
len = be_to_host16(hdr->length);
if (len > wpabuf_len(in_decrypted)) {
+ wpa_printf(MSG_INFO, "EAP-PEAP: Length mismatch in "
+ "Phase 2 EAP frame (len=%lu hdr->length=%lu)",
+ (unsigned long) wpabuf_len(in_decrypted),
+ (unsigned long) len);
wpabuf_free(in_decrypted);
- wpa_printf(MSG_INFO, "EAP-PEAP: Length mismatch in "
- "Phase 2 EAP frame (len=%d hdr->length=%d)",
- wpabuf_len(in_decrypted), len);
eap_peap_req_failure(sm, data);
return;
}
wpa_printf(MSG_DEBUG, "EAP-PEAP: received Phase 2: code=%d "
- "identifier=%d length=%d", hdr->code, hdr->identifier, len);
+ "identifier=%d length=%lu", hdr->code, hdr->identifier,
+ (unsigned long) len);
switch (hdr->code) {
case EAP_CODE_RESPONSE:
eap_peap_process_phase2_response(sm, data, in_decrypted);
Modified: wpasupplicant/trunk/src/eap_server/eap_psk.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/eap_server/eap_psk.c?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/src/eap_server/eap_psk.c (original)
+++ wpasupplicant/trunk/src/eap_server/eap_psk.c Tue Jan 1 13:55:42 2008
@@ -119,18 +119,18 @@
/* MAC_S = OMAC1-AES-128(AK, ID_S||RAND_P) */
buflen = data->id_s_len + EAP_PSK_RAND_LEN;
buf = os_malloc(buflen);
- if (buf == NULL) {
- wpabuf_free(req);
- data->state = FAILURE;
- return NULL;
- }
+ if (buf == NULL)
+ goto fail;
+
os_memcpy(buf, data->id_s, data->id_s_len);
os_memcpy(buf + data->id_s_len, data->rand_p, EAP_PSK_RAND_LEN);
- omac1_aes_128(data->ak, buf, buflen, psk->mac_s);
+ if (omac1_aes_128(data->ak, buf, buflen, psk->mac_s))
+ goto fail;
os_free(buf);
- eap_psk_derive_keys(data->kdk, data->rand_p, data->tek, data->msk,
- data->emsk);
+ if (eap_psk_derive_keys(data->kdk, data->rand_p, data->tek, data->msk,
+ data->emsk))
+ goto fail;
wpa_hexdump_key(MSG_DEBUG, "EAP-PSK: TEK", data->tek, EAP_PSK_TEK_LEN);
wpa_hexdump_key(MSG_DEBUG, "EAP-PSK: MSK", data->msk, EAP_MSK_LEN);
wpa_hexdump_key(MSG_DEBUG, "EAP-PSK: EMSK", data->emsk, EAP_EMSK_LEN);
@@ -142,13 +142,19 @@
pchannel[4 + 16] = EAP_PSK_R_FLAG_DONE_SUCCESS << 6;
wpa_hexdump(MSG_DEBUG, "EAP-PSK: PCHANNEL (plaintext)",
pchannel, 4 + 16 + 1);
- aes_128_eax_encrypt(data->tek, nonce, sizeof(nonce),
- wpabuf_head(req), 22,
- pchannel + 4 + 16, 1, pchannel + 4);
+ if (aes_128_eax_encrypt(data->tek, nonce, sizeof(nonce),
+ wpabuf_head(req), 22,
+ pchannel + 4 + 16, 1, pchannel + 4))
+ goto fail;
wpa_hexdump(MSG_DEBUG, "EAP-PSK: PCHANNEL (encrypted)",
pchannel, 4 + 16 + 1);
return req;
+
+fail:
+ wpabuf_free(req);
+ data->state = FAILURE;
+ return NULL;
}
@@ -281,7 +287,10 @@
data->state = FAILURE;
return;
}
- eap_psk_key_setup(sm->user->password, data->ak, data->kdk);
+ if (eap_psk_key_setup(sm->user->password, data->ak, data->kdk)) {
+ data->state = FAILURE;
+ return;
+ }
wpa_hexdump_key(MSG_DEBUG, "EAP-PSK: AK", data->ak, EAP_PSK_AK_LEN);
wpa_hexdump_key(MSG_DEBUG, "EAP-PSK: KDK", data->kdk, EAP_PSK_KDK_LEN);
@@ -303,7 +312,11 @@
os_memcpy(pos, data->rand_s, EAP_PSK_RAND_LEN);
pos += EAP_PSK_RAND_LEN;
os_memcpy(pos, data->rand_p, EAP_PSK_RAND_LEN);
- omac1_aes_128(data->ak, buf, buflen, mac);
+ if (omac1_aes_128(data->ak, buf, buflen, mac)) {
+ os_free(buf);
+ data->state = FAILURE;
+ return;
+ }
os_free(buf);
wpa_hexdump(MSG_DEBUG, "EAP-PSK: MAC_P", resp->mac_p, EAP_PSK_MAC_LEN);
if (os_memcmp(mac, resp->mac_p, EAP_PSK_MAC_LEN) != 0) {
Modified: wpasupplicant/trunk/src/eap_server/eap_ttls.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/eap_server/eap_ttls.c?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/src/eap_server/eap_ttls.c (original)
+++ wpasupplicant/trunk/src/eap_server/eap_ttls.c Tue Jan 1 13:55:42 2008
@@ -1341,8 +1341,9 @@
eap_ttls_state(data, FAILURE);
} else {
wpa_printf(MSG_DEBUG, "EAP-TTLS/MSCHAPV2: Unexpected "
- "frame from peer (payload len %d, expected "
- "empty frame)", left);
+ "frame from peer (payload len %lu, "
+ "expected empty frame)",
+ (unsigned long) left);
eap_ttls_state(data, FAILURE);
}
break;
Modified: wpasupplicant/trunk/src/eap_server/eap_wsc.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/eap_server/eap_wsc.c?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/src/eap_server/eap_wsc.c (original)
+++ wpasupplicant/trunk/src/eap_server/eap_wsc.c Tue Jan 1 13:55:42 2008
@@ -17,137 +17,16 @@
#include "common.h"
#include "eap_i.h"
#include "eap_common/eap_wsc_common.h"
-
-
-struct wps_data {
- int registrar;
- int msg_num;
-};
-
-
-static struct wps_data * wps_init(int registrar)
-{
- struct wps_data *data = os_zalloc(sizeof(*data));
- if (data == NULL)
- return NULL;
- data->registrar = registrar;
- data->msg_num = 1;
- return data;
-}
-
-
-static void wps_deinit(struct wps_data *data)
-{
- os_free(data);
-}
-
-
-enum wps_process_res {
- WPS_DONE, WPS_CONTINUE, WPS_FAILURE, WPS_PENDING
-};
-
-static enum wps_process_res wps_process_msg(struct wps_data *wps, u8 op_code,
- const u8 *msg, size_t msg_len)
-{
- /* TODO: proper processing and/or sending to an external process */
-
- wpa_hexdump(MSG_MSGDUMP, "WPS: Received message", msg, msg_len);
- if ((wps->registrar && (wps->msg_num & 1) == 0) ||
- (!wps->registrar && (wps->msg_num & 1) == 1)) {
- wpa_printf(MSG_DEBUG, "WPS: Unexpected message number %d",
- wps->msg_num);
- return WPS_FAILURE;
- }
-
- if (wps->msg_num <= 8 && op_code == WSC_MSG) {
- wpa_printf(MSG_DEBUG, "WPS: Process M%d", wps->msg_num);
- } else if (wps->registrar && wps->msg_num == 3 &&
- op_code == WSC_ACK) {
- wpa_printf(MSG_DEBUG, "WPS: Process ACK to M2/M2D");
- /* could send out next M2/M2D */
- return WPS_DONE;
- } else if (wps->registrar && wps->msg_num == 3 &&
- op_code == WSC_Done) {
- wpa_printf(MSG_DEBUG, "WPS: Process Done to M2/M2D");
- return WPS_DONE;
- } else if (wps->msg_num <= 8 && op_code == WSC_Done) {
- wpa_printf(MSG_DEBUG, "WPS: Process Done prior to completion");
- return WPS_DONE;
- } else if (wps->msg_num <= 8 && op_code == WSC_ACK) {
- wpa_printf(MSG_DEBUG, "WPS: Process ACK prior to completion");
- return WPS_DONE;
- } else if (wps->msg_num <= 8 && op_code == WSC_NACK) {
- wpa_printf(MSG_DEBUG, "WPS: Process NACK prior to completion");
- return WPS_DONE;
- } else if (wps->registrar && wps->msg_num == 9 &&
- op_code == WSC_Done) {
- wpa_printf(MSG_DEBUG, "WPS: Process Done");
- return WPS_DONE;
- } else if (!wps->registrar && wps->msg_num == 10 &&
- op_code == WSC_ACK) {
- wpa_printf(MSG_DEBUG, "WPS: Process ACK");
- return WPS_DONE;
- } else {
- wpa_printf(MSG_DEBUG, "WPS: Unexpected Op-Code %d "
- "(msg_num=%d)", op_code, wps->msg_num);
- return WPS_FAILURE;
- }
-
- wps->msg_num++;
- return WPS_CONTINUE;
-}
-
-
-static u8 * wps_get_msg(struct wps_data *wps, size_t *msg_len, u8 *op_code)
-{
- u8 *msg;
-
- /* TODO: proper processing and/or query from an external process */
-
- if ((wps->registrar && (wps->msg_num & 1) == 1) ||
- (!wps->registrar && (wps->msg_num & 1) == 0)) {
- wpa_printf(MSG_DEBUG, "WPS: Unexpected request for message "
- "number %d", wps->msg_num);
- return NULL;
- }
-
- if (wps->msg_num == 7 || wps->msg_num == 8) {
- msg = os_zalloc(2000);
- if (msg == NULL)
- return NULL;
- *msg_len = 2000;
- *op_code = WSC_MSG;
- *msg = WSC_MSG;
- wpa_printf(MSG_DEBUG, "WPS: Send M%d", wps->msg_num);
- } else if (wps->msg_num <= 6) {
- msg = os_zalloc(1);
- if (msg == NULL)
- return NULL;
- *msg_len = 1;
- *op_code = WSC_MSG;
- *msg = WSC_MSG;
- wpa_printf(MSG_DEBUG, "WPS: Send M%d", wps->msg_num);
- } else if (!wps->registrar && wps->msg_num == 9) {
- msg = os_zalloc(1);
- if (msg == NULL)
- return NULL;
- *msg_len = 1;
- *op_code = WSC_Done;
- *msg = WSC_Done;
- wpa_printf(MSG_DEBUG, "WPS: Send Done");
- } else
- return NULL;
-
- wps->msg_num++;
- return msg;
-}
+#include "wps/wps.h"
struct eap_wsc_data {
enum { START, MSG, FRAG_ACK, WAIT_FRAG_ACK, DONE, FAIL } state;
int registrar;
- u8 *in_buf, *out_buf, in_op_code, out_op_code;
- size_t in_len, in_used, out_len, out_used;
+ struct wpabuf *in_buf;
+ struct wpabuf *out_buf;
+ u8 in_op_code, out_op_code;
+ size_t out_used;
size_t fragment_size;
struct wps_data *wps;
};
@@ -207,7 +86,7 @@
return NULL;
data->state = registrar ? START : MSG;
data->registrar = registrar;
- data->wps = wps_init(registrar);
+ data->wps = wps_init(1, registrar);
if (data->wps == NULL) {
os_free(data);
return NULL;
@@ -221,8 +100,8 @@
static void eap_wsc_reset(struct eap_sm *sm, void *priv)
{
struct eap_wsc_data *data = priv;
- os_free(data->in_buf);
- os_free(data->out_buf);
+ wpabuf_free(data->in_buf);
+ wpabuf_free(data->out_buf);
wps_deinit(data->wps);
os_free(data);
}
@@ -249,25 +128,14 @@
}
-static struct wpabuf * eap_wsc_build_msg(struct eap_sm *sm,
- struct eap_wsc_data *data, u8 id)
+static struct wpabuf * eap_wsc_build_msg(struct eap_wsc_data *data, u8 id)
{
struct wpabuf *req;
u8 flags;
size_t send_len, plen;
- if (data->out_buf == NULL) {
- data->out_buf = wps_get_msg(data->wps, &data->out_len,
- &data->out_op_code);
- if (data->out_buf == NULL) {
- wpa_printf(MSG_DEBUG, "EAP-WSC: Failed to receive "
- "message from WPS");
- return NULL;
- }
- }
-
flags = 0;
- send_len = data->out_len - data->out_used;
+ send_len = wpabuf_len(data->out_buf) - data->out_used;
if (2 + send_len > data->fragment_size) {
send_len = data->fragment_size - 2;
flags |= WSC_FLAGS_MF;
@@ -290,22 +158,25 @@
wpabuf_put_u8(req, data->out_op_code); /* Op-Code */
wpabuf_put_u8(req, flags); /* Flags */
if (flags & WSC_FLAGS_LF)
- wpabuf_put_be16(req, data->out_len);
-
- wpabuf_put_data(req, data->out_buf + data->out_used, send_len);
+ wpabuf_put_be16(req, wpabuf_len(data->out_buf));
+
+ wpabuf_put_data(req, wpabuf_head_u8(data->out_buf) + data->out_used,
+ send_len);
data->out_used += send_len;
- if (data->out_used == data->out_len) {
- wpa_printf(MSG_DEBUG, "EAP-WSC: Sending out %u bytes "
- "(message sent completely)", send_len);
- os_free(data->out_buf);
+ if (data->out_used == wpabuf_len(data->out_buf)) {
+ wpa_printf(MSG_DEBUG, "EAP-WSC: Sending out %lu bytes "
+ "(message sent completely)",
+ (unsigned long) send_len);
+ wpabuf_free(data->out_buf);
data->out_buf = NULL;
- data->out_len = data->out_used = 0;
+ data->out_used = 0;
eap_wsc_state(data, MSG);
} else {
- wpa_printf(MSG_DEBUG, "EAP-WSC: Sending out %u bytes "
- "(%u more to send)", send_len,
- data->out_len - data->out_used);
+ wpa_printf(MSG_DEBUG, "EAP-WSC: Sending out %lu bytes "
+ "(%lu more to send)", (unsigned long) send_len,
+ (unsigned long) wpabuf_len(data->out_buf) -
+ data->out_used);
eap_wsc_state(data, WAIT_FRAG_ACK);
}
@@ -320,10 +191,22 @@
switch (data->state) {
case START:
return eap_wsc_build_start(sm, data, id);
+ case MSG:
+ if (data->out_buf == NULL) {
+ data->out_buf = wps_get_msg(data->wps,
+ &data->out_op_code);
+ if (data->out_buf == NULL) {
+ wpa_printf(MSG_DEBUG, "EAP-WSC: Failed to "
+ "receive message from WPS");
+ return NULL;
+ }
+ data->out_used = 0;
+ }
+ /* pass through */
+ case WAIT_FRAG_ACK:
+ return eap_wsc_build_msg(data, id);
case FRAG_ACK:
return eap_wsc_build_frag_ack(id, EAP_CODE_REQUEST);
- case MSG:
- return eap_wsc_build_msg(sm, data, id);
default:
wpa_printf(MSG_DEBUG, "EAP-WSC: Unexpected state %d in "
"buildReq", data->state);
@@ -349,6 +232,64 @@
}
+static int eap_wsc_process_cont(struct eap_wsc_data *data,
+ const u8 *buf, size_t len, u8 op_code)
+{
+ /* Process continuation of a pending message */
+ if (op_code != data->in_op_code) {
+ wpa_printf(MSG_DEBUG, "EAP-WSC: Unexpected Op-Code %d in "
+ "fragment (expected %d)",
+ op_code, data->in_op_code);
+ eap_wsc_state(data, FAIL);
+ return -1;
+ }
+
+ if (len > wpabuf_tailroom(data->in_buf)) {
+ wpa_printf(MSG_DEBUG, "EAP-WSC: Fragment overflow");
+ eap_wsc_state(data, FAIL);
+ return -1;
+ }
+
+ wpabuf_put_data(data->in_buf, buf, len);
+ wpa_printf(MSG_DEBUG, "EAP-WSC: Received %lu bytes, waiting for %lu "
+ "bytes more", (unsigned long) len,
+ (unsigned long) wpabuf_tailroom(data->in_buf));
+
+ return 0;
+}
+
+
+static int eap_wsc_process_fragment(struct eap_wsc_data *data,
+ u8 flags, u8 op_code, u16 message_length,
+ const u8 *buf, size_t len)
+{
+ /* Process a fragment that is not the last one of the message */
+ if (data->in_buf == NULL && !(flags & WSC_FLAGS_LF)) {
+ wpa_printf(MSG_DEBUG, "EAP-WSC: No Message Length "
+ "field in a fragmented packet");
+ return -1;
+ }
+
+ if (data->in_buf == NULL) {
+ /* First fragment of the message */
+ data->in_buf = wpabuf_alloc(message_length);
+ if (data->in_buf == NULL) {
+ wpa_printf(MSG_DEBUG, "EAP-WSC: No memory for "
+ "message");
+ return -1;
+ }
+ data->in_op_code = op_code;
+ wpabuf_put_data(data->in_buf, buf, len);
+ wpa_printf(MSG_DEBUG, "EAP-WSC: Received %lu bytes in "
+ "first fragment, waiting for %lu bytes more",
+ (unsigned long) len,
+ (unsigned long) wpabuf_tailroom(data->in_buf));
+ }
+
+ return 0;
+}
+
+
static void eap_wsc_process(struct eap_sm *sm, void *priv,
struct wpabuf *respData)
{
@@ -357,9 +298,8 @@
size_t len;
u8 op_code, flags;
u16 message_length = 0;
- const u8 *msg;
- size_t msg_len;
enum wps_process_res res;
+ struct wpabuf tmpbuf;
pos = eap_hdr_validate(EAP_VENDOR_WFA, EAP_VENDOR_TYPE_WSC,
respData, &len);
@@ -410,67 +350,29 @@
return;
}
- if (data->in_buf) {
- /* Process continuation of a pending message */
- if (op_code != data->in_op_code) {
- wpa_printf(MSG_DEBUG, "EAP-WSC: Unexpected Op-Code %d "
- "in fragment (expected %d)",
- op_code, data->in_op_code);
+ if (data->in_buf &&
+ eap_wsc_process_cont(data, pos, end - pos, op_code) < 0) {
+ eap_wsc_state(data, FAIL);
+ return;
+ }
+
+ if (flags & WSC_FLAGS_MF) {
+ if (eap_wsc_process_fragment(data, flags, op_code,
+ message_length, pos, end - pos) <
+ 0)
eap_wsc_state(data, FAIL);
- return;
- }
-
- if (data->in_used + (end - pos) > data->in_len) {
- wpa_printf(MSG_DEBUG, "EAP-WSC: Fragment overflow");
- eap_wsc_state(data, FAIL);
- return;
- }
-
- os_memcpy(data->in_buf + data->in_used, pos, end - pos);
- data->in_used += end - pos;
- wpa_printf(MSG_DEBUG, "EAP-WSC: Received %u bytes, waiting "
- "for %u bytes more", end - pos,
- data->in_len - data->in_used);
- }
-
- if (flags & WSC_FLAGS_MF) {
- if (data->in_buf == NULL && !(flags & WSC_FLAGS_LF)) {
- wpa_printf(MSG_DEBUG, "EAP-WSC: No Message Length "
- "field in a fragmented packet");
- return;
- }
-
- if (data->in_buf == NULL) {
- /* First fragment of the message */
- data->in_buf = os_malloc(message_length);
- if (data->in_buf == NULL) {
- wpa_printf(MSG_DEBUG, "EAP-WSC: No memory for "
- "message");
- return;
- }
- data->in_len = message_length;
- data->in_used = end - pos;
- data->in_op_code = op_code;
- os_memcpy(data->in_buf, pos, data->in_used);
- wpa_printf(MSG_DEBUG, "EAP-WSC: Received %u bytes in "
- "first fragment, waiting for %u bytes more",
- data->in_used,
- data->in_len - data->in_used);
- }
-
- eap_wsc_state(data, FRAG_ACK);
+ else
+ eap_wsc_state(data, FRAG_ACK);
return;
}
- if (data->in_buf) {
- msg = data->in_buf;
- msg_len = data->in_len;
- } else {
- msg = pos;
- msg_len = end - pos;
- }
-
- res = wps_process_msg(data->wps, op_code, msg, msg_len);
+ if (data->in_buf == NULL) {
+ /* Wrap unfragmented messages as wpabuf without extra copy */
+ wpabuf_set(&tmpbuf, pos, end - pos);
+ data->in_buf = &tmpbuf;
+ }
+
+ res = wps_process_msg(data->wps, op_code, data->in_buf);
switch (res) {
case WPS_DONE:
wpa_printf(MSG_DEBUG, "EAP-WSC: WPS processing completed "
@@ -490,9 +392,9 @@
break;
}
- os_free(data->in_buf);
+ if (data->in_buf != &tmpbuf)
+ wpabuf_free(data->in_buf);
data->in_buf = NULL;
- data->in_len = data->in_used = 0;
}
Modified: wpasupplicant/trunk/src/hlr_auc_gw/milenage.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/hlr_auc_gw/milenage.c?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/src/hlr_auc_gw/milenage.c (original)
+++ wpasupplicant/trunk/src/hlr_auc_gw/milenage.c Tue Jan 1 13:55:42 2008
@@ -1,6 +1,6 @@
/*
* 3GPP AKA - Milenage algorithm (3GPP TS 35.205, .206, .207, .208)
- * Copyright (c) 2006 <j at w1.fi>
+ * Copyright (c) 2006-2007 <j at w1.fi>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
@@ -37,9 +37,10 @@
* @amf: AMF = 16-bit authentication management field
* @mac_a: Buffer for MAC-A = 64-bit network authentication code, or %NULL
* @mac_s: Buffer for MAC-S = 64-bit resync authentication code, or %NULL
+ * Returns: 0 on success, -1 on failure
*/
-static void milenage_f1(const u8 *opc, const u8 *k, const u8 *_rand,
- const u8 *sqn, const u8 *amf, u8 *mac_a, u8 *mac_s)
+static int milenage_f1(const u8 *opc, const u8 *k, const u8 *_rand,
+ const u8 *sqn, const u8 *amf, u8 *mac_a, u8 *mac_s)
{
u8 tmp1[16], tmp2[16], tmp3[16];
int i;
@@ -47,7 +48,8 @@
/* tmp1 = TEMP = E_K(RAND XOR OP_C) */
for (i = 0; i < 16; i++)
tmp1[i] = _rand[i] ^ opc[i];
- aes_128_encrypt_block(k, tmp1, tmp1);
+ if (aes_128_encrypt_block(k, tmp1, tmp1))
+ return -1;
/* tmp2 = IN1 = SQN || AMF || SQN || AMF */
memcpy(tmp2, sqn, 6);
@@ -65,13 +67,15 @@
/* XOR with c1 (= ..00, i.e., NOP) */
/* f1 || f1* = E_K(tmp3) XOR OP_c */
- aes_128_encrypt_block(k, tmp3, tmp1);
+ if (aes_128_encrypt_block(k, tmp3, tmp1))
+ return -1;
for (i = 0; i < 16; i++)
tmp1[i] ^= opc[i];
if (mac_a)
memcpy(mac_a, tmp1, 8); /* f1 */
if (mac_s)
memcpy(mac_s, tmp1 + 8, 8); /* f1* */
+ return 0;
}
@@ -85,9 +89,10 @@
* @ik: Buffer for IK = 128-bit integrity key (f4), or %NULL
* @ak: Buffer for AK = 48-bit anonymity key (f5), or %NULL
* @akstar: Buffer for AK = 48-bit anonymity key (f5*), or %NULL
+ * Returns: 0 on success, -1 on failure
*/
-static void milenage_f2345(const u8 *opc, const u8 *k, const u8 *_rand,
- u8 *res, u8 *ck, u8 *ik, u8 *ak, u8 *akstar)
+static int milenage_f2345(const u8 *opc, const u8 *k, const u8 *_rand,
+ u8 *res, u8 *ck, u8 *ik, u8 *ak, u8 *akstar)
{
u8 tmp1[16], tmp2[16], tmp3[16];
int i;
@@ -95,7 +100,8 @@
/* tmp2 = TEMP = E_K(RAND XOR OP_C) */
for (i = 0; i < 16; i++)
tmp1[i] = _rand[i] ^ opc[i];
- aes_128_encrypt_block(k, tmp1, tmp2);
+ if (aes_128_encrypt_block(k, tmp1, tmp2))
+ return -1;
/* OUT2 = E_K(rot(TEMP XOR OP_C, r2) XOR c2) XOR OP_C */
/* OUT3 = E_K(rot(TEMP XOR OP_C, r3) XOR c3) XOR OP_C */
@@ -108,7 +114,8 @@
tmp1[i] = tmp2[i] ^ opc[i];
tmp1[15] ^= 1; /* XOR c2 (= ..01) */
/* f5 || f2 = E_K(tmp1) XOR OP_c */
- aes_128_encrypt_block(k, tmp1, tmp3);
+ if (aes_128_encrypt_block(k, tmp1, tmp3))
+ return -1;
for (i = 0; i < 16; i++)
tmp3[i] ^= opc[i];
if (res)
@@ -122,7 +129,8 @@
for (i = 0; i < 16; i++)
tmp1[(i + 12) % 16] = tmp2[i] ^ opc[i];
tmp1[15] ^= 2; /* XOR c3 (= ..02) */
- aes_128_encrypt_block(k, tmp1, ck);
+ if (aes_128_encrypt_block(k, tmp1, ck))
+ return -1;
for (i = 0; i < 16; i++)
ck[i] ^= opc[i];
}
@@ -133,7 +141,8 @@
for (i = 0; i < 16; i++)
tmp1[(i + 8) % 16] = tmp2[i] ^ opc[i];
tmp1[15] ^= 4; /* XOR c4 (= ..04) */
- aes_128_encrypt_block(k, tmp1, ik);
+ if (aes_128_encrypt_block(k, tmp1, ik))
+ return -1;
for (i = 0; i < 16; i++)
ik[i] ^= opc[i];
}
@@ -144,10 +153,13 @@
for (i = 0; i < 16; i++)
tmp1[(i + 4) % 16] = tmp2[i] ^ opc[i];
tmp1[15] ^= 8; /* XOR c5 (= ..08) */
- aes_128_encrypt_block(k, tmp1, tmp1);
+ if (aes_128_encrypt_block(k, tmp1, tmp1))
+ return -1;
for (i = 0; i < 6; i++)
akstar[i] = tmp1[i] ^ opc[i];
}
+
+ return 0;
}
@@ -175,9 +187,12 @@
*res_len = 0;
return;
}
+ if (milenage_f1(opc, k, _rand, sqn, amf, mac_a, NULL) ||
+ milenage_f2345(opc, k, _rand, res, ck, ik, ak, NULL)) {
+ *res_len = 0;
+ return;
+ }
*res_len = 8;
- milenage_f1(opc, k, _rand, sqn, amf, mac_a, NULL);
- milenage_f2345(opc, k, _rand, res, ck, ik, ak, NULL);
/* AUTN = (SQN ^ AK) || AMF || MAC */
for (i = 0; i < 6; i++)
@@ -203,11 +218,12 @@
u8 ak[6], mac_s[8];
int i;
- milenage_f2345(opc, k, _rand, NULL, NULL, NULL, NULL, ak);
+ if (milenage_f2345(opc, k, _rand, NULL, NULL, NULL, NULL, ak))
+ return -1;
for (i = 0; i < 6; i++)
sqn[i] = auts[i] ^ ak[i];
- milenage_f1(opc, k, _rand, sqn, amf, NULL, mac_s);
- if (memcmp(mac_s, auts + 6, 8) != 0)
+ if (milenage_f1(opc, k, _rand, sqn, amf, NULL, mac_s) ||
+ memcmp(mac_s, auts + 6, 8) != 0)
return -1;
return 0;
}
@@ -220,14 +236,15 @@
* @_rand: RAND = 128-bit random challenge
* @sres: Buffer for SRES = 32-bit SRES
* @kc: Buffer for Kc = 64-bit Kc
+ * Returns: 0 on success, -1 on failure
*/
-void gsm_milenage(const u8 *opc, const u8 *k, const u8 *_rand, u8 *sres,
- u8 *kc)
+int gsm_milenage(const u8 *opc, const u8 *k, const u8 *_rand, u8 *sres, u8 *kc)
{
u8 res[8], ck[16], ik[16];
int i;
- milenage_f2345(opc, k, _rand, res, ck, ik, NULL, NULL);
+ if (milenage_f2345(opc, k, _rand, res, ck, ik, NULL, NULL))
+ return -1;
for (i = 0; i < 8; i++)
kc[i] = ck[i] ^ ck[i + 8] ^ ik[i] ^ ik[i + 8];
@@ -238,6 +255,7 @@
for (i = 0; i < 4; i++)
sres[i] = res[i] ^ res[i + 4];
#endif /* GSM_MILENAGE_ALT_SRES */
+ return 0;
}
@@ -953,8 +971,8 @@
ret++;
}
- milenage_f1(opc, t->k, t->rand, t->sqn, t->amf, buf, buf2);
- if (memcmp(buf, t->f1, 8) != 0) {
+ if (milenage_f1(opc, t->k, t->rand, t->sqn, t->amf, buf, buf2)
+ || memcmp(buf, t->f1, 8) != 0) {
printf("- milenage_f1 failed\n");
ret++;
}
@@ -963,9 +981,9 @@
ret++;
}
- milenage_f2345(opc, t->k, t->rand, buf, buf2, buf3, buf4,
- buf5);
- if (memcmp(buf, t->f2, 8) != 0) {
+ if (milenage_f2345(opc, t->k, t->rand, buf, buf2, buf3, buf4,
+ buf5) ||
+ memcmp(buf, t->f2, 8) != 0) {
printf("- milenage_f2 failed\n");
ret++;
}
Modified: wpasupplicant/trunk/src/hlr_auc_gw/milenage.h
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/hlr_auc_gw/milenage.h?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/src/hlr_auc_gw/milenage.h (original)
+++ wpasupplicant/trunk/src/hlr_auc_gw/milenage.h Tue Jan 1 13:55:42 2008
@@ -1,6 +1,6 @@
/*
* UMTS AKA - Milenage algorithm (3GPP TS 35.205, .206, .207, .208)
- * Copyright (c) 2006 <j at w1.fi>
+ * Copyright (c) 2006-2007 <j at w1.fi>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
@@ -20,7 +20,7 @@
u8 *ck, u8 *res, size_t *res_len);
int milenage_auts(const u8 *opc, const u8 *k, const u8 *_rand, const u8 *auts,
u8 *sqn);
-void gsm_milenage(const u8 *opc, const u8 *k, const u8 *_rand, u8 *sres,
- u8 *kc);
+int gsm_milenage(const u8 *opc, const u8 *k, const u8 *_rand, u8 *sres,
+ u8 *kc);
#endif /* MILENAGE_H */
Modified: wpasupplicant/trunk/src/tls/bignum.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/tls/bignum.c?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/src/tls/bignum.c (original)
+++ wpasupplicant/trunk/src/tls/bignum.c Tue Jan 1 13:55:42 2008
@@ -227,4 +227,4 @@
return -1;
}
return 0;
-}
+}
Modified: wpasupplicant/trunk/src/tls/tlsv1_client_write.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/tls/tlsv1_client_write.c?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/src/tls/tlsv1_client_write.c (original)
+++ wpasupplicant/trunk/src/tls/tlsv1_client_write.c Tue Jan 1 13:55:42 2008
@@ -254,10 +254,16 @@
os_free(csecret);
return -1;
}
- crypto_mod_exp(conn->dh_g, conn->dh_g_len,
- csecret_start, csecret_len,
- conn->dh_p, conn->dh_p_len,
- dh_yc, &dh_yc_len);
+ if (crypto_mod_exp(conn->dh_g, conn->dh_g_len,
+ csecret_start, csecret_len,
+ conn->dh_p, conn->dh_p_len,
+ dh_yc, &dh_yc_len)) {
+ tls_alert(conn, TLS_ALERT_LEVEL_FATAL,
+ TLS_ALERT_INTERNAL_ERROR);
+ os_free(csecret);
+ os_free(dh_yc);
+ return -1;
+ }
wpa_hexdump(MSG_DEBUG, "TLSv1: DH Yc (client's public value)",
dh_yc, dh_yc_len);
@@ -289,10 +295,16 @@
}
/* shared = Ys^csecret mod p */
- crypto_mod_exp(conn->dh_ys, conn->dh_ys_len,
- csecret_start, csecret_len,
- conn->dh_p, conn->dh_p_len,
- shared, &shared_len);
+ if (crypto_mod_exp(conn->dh_ys, conn->dh_ys_len,
+ csecret_start, csecret_len,
+ conn->dh_p, conn->dh_p_len,
+ shared, &shared_len)) {
+ tls_alert(conn, TLS_ALERT_LEVEL_FATAL,
+ TLS_ALERT_INTERNAL_ERROR);
+ os_free(csecret);
+ os_free(shared);
+ return -1;
+ }
wpa_hexdump_key(MSG_DEBUG, "TLSv1: Shared secret from DH key exchange",
shared, shared_len);
Modified: wpasupplicant/trunk/src/tls/tlsv1_server_read.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/tls/tlsv1_server_read.c?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/src/tls/tlsv1_server_read.c (original)
+++ wpasupplicant/trunk/src/tls/tlsv1_server_read.c Tue Jan 1 13:55:42 2008
@@ -639,9 +639,15 @@
}
/* shared = Yc^secret mod p */
- crypto_mod_exp(dh_yc, dh_yc_len, conn->dh_secret, conn->dh_secret_len,
- conn->cred->dh_p, conn->cred->dh_p_len,
- shared, &shared_len);
+ if (crypto_mod_exp(dh_yc, dh_yc_len, conn->dh_secret,
+ conn->dh_secret_len,
+ conn->cred->dh_p, conn->cred->dh_p_len,
+ shared, &shared_len)) {
+ os_free(shared);
+ tlsv1_server_alert(conn, TLS_ALERT_LEVEL_FATAL,
+ TLS_ALERT_INTERNAL_ERROR);
+ return -1;
+ }
wpa_hexdump_key(MSG_DEBUG, "TLSv1: Shared secret from DH key exchange",
shared, shared_len);
Modified: wpasupplicant/trunk/src/tls/tlsv1_server_write.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/tls/tlsv1_server_write.c?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/src/tls/tlsv1_server_write.c (original)
+++ wpasupplicant/trunk/src/tls/tlsv1_server_write.c Tue Jan 1 13:55:42 2008
@@ -325,10 +325,15 @@
TLS_ALERT_INTERNAL_ERROR);
return -1;
}
- crypto_mod_exp(conn->cred->dh_g, conn->cred->dh_g_len,
- conn->dh_secret, conn->dh_secret_len,
- conn->cred->dh_p, conn->cred->dh_p_len,
- dh_ys, &dh_ys_len);
+ if (crypto_mod_exp(conn->cred->dh_g, conn->cred->dh_g_len,
+ conn->dh_secret, conn->dh_secret_len,
+ conn->cred->dh_p, conn->cred->dh_p_len,
+ dh_ys, &dh_ys_len)) {
+ tlsv1_server_alert(conn, TLS_ALERT_LEVEL_FATAL,
+ TLS_ALERT_INTERNAL_ERROR);
+ os_free(dh_ys);
+ return -1;
+ }
wpa_hexdump(MSG_DEBUG, "TLSv1: DH Ys (server's public value)",
dh_ys, dh_ys_len);
Modified: wpasupplicant/trunk/src/utils/common.h
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/utils/common.h?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/src/utils/common.h (original)
+++ wpasupplicant/trunk/src/utils/common.h Tue Jan 1 13:55:42 2008
@@ -402,6 +402,13 @@
typedef u64 __bitwise be64;
typedef u64 __bitwise le64;
+#ifndef __must_check
+#if __GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ >= 4)
+#define __must_check __attribute__((__warn_unused_result__))
+#else
+#define __must_check
+#endif /* __GNUC__ */
+#endif /* __must_check */
int hwaddr_aton(const char *txt, u8 *addr);
int hexstr2bin(const char *hex, u8 *buf, size_t len);
Modified: wpasupplicant/trunk/src/utils/wpabuf.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/utils/wpabuf.c?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/src/utils/wpabuf.c (original)
+++ wpasupplicant/trunk/src/utils/wpabuf.c Tue Jan 1 13:55:42 2008
@@ -65,7 +65,6 @@
if (buf == NULL)
return NULL;
buf->size = len;
- buf->refcount = 1;
return buf;
}
@@ -78,7 +77,6 @@
buf->size = len;
buf->used = len;
- buf->refcount = 1;
buf->ext_data = data;
return buf;
@@ -111,9 +109,7 @@
{
if (buf == NULL)
return;
- buf->refcount--;
- if (buf->refcount > 0)
- return;
+ os_free(buf->ext_data);
os_free(buf);
}
Modified: wpasupplicant/trunk/src/utils/wpabuf.h
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/src/utils/wpabuf.h?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/src/utils/wpabuf.h (original)
+++ wpasupplicant/trunk/src/utils/wpabuf.h Tue Jan 1 13:55:42 2008
@@ -23,7 +23,6 @@
struct wpabuf {
size_t size; /* total size of the allocated buffer */
size_t used; /* length of data in the buffer */
- size_t refcount; /* number of users referencing this buffer */
u8 *ext_data; /* pointer to external data; NULL if data follows
* struct wpabuf */
/* optionally followed by the allocated buffer */
@@ -60,6 +59,16 @@
}
/**
+ * wpabuf_tailroom - Get size of available tail room in the end of the buffer
+ * @buf: wpabuf buffer
+ * Returns: Tail room (in bytes) of available space in the end of the buffer
+ */
+static inline size_t wpabuf_tailroom(const struct wpabuf *buf)
+{
+ return buf->size - buf->used;
+}
+
+/**
* wpabuf_head - Get pointer to the head of the buffer data
* @buf: wpabuf buffer
* Returns: Pointer to the head of the buffer data
@@ -91,12 +100,6 @@
static inline u8 * wpabuf_mhead_u8(struct wpabuf *buf)
{
return wpabuf_mhead(buf);
-}
-
-static inline struct wpabuf * wpabuf_ref(struct wpabuf *buf)
-{
- buf->refcount++;
- return buf;
}
static inline void wpabuf_put_u8(struct wpabuf *buf, u8 data)
Modified: wpasupplicant/trunk/wpa_supplicant/ChangeLog
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/wpa_supplicant/ChangeLog?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/wpa_supplicant/ChangeLog (original)
+++ wpasupplicant/trunk/wpa_supplicant/ChangeLog Tue Jan 1 13:55:42 2008
@@ -34,6 +34,15 @@
are converted internally to the new format), but all drivers should
start using the new get_scan_results2() to make them more likely to
work with new features
+ * Qt4 version of wpa_gui (wpa_gui-qt4 subdirectory) is now native Qt4
+ application, i.e., it does not require Qt3Support anymore; Windows
+ binary of wpa_gui.exe is now from this directory and only requires
+ QtCore4.dll and QtGui4.dll libraries
+ * updated Windows binary build to use Qt 4.3.3 and made Qt DLLs
+ available as a separate package to make wpa_gui installation easier:
+ http://w1.fi/wpa_supplicant/qt4/wpa_gui-qt433-windows-dll.zip
+ * added support for EAP-IKEv2 (draft-tschofenig-eap-ikev2-15.txt);
+ only shared key/password authentication is supported in this version
2007-11-24 - v0.6.1
* added support for configuring password as NtPasswordHash
Modified: wpasupplicant/trunk/wpa_supplicant/Makefile
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/wpa_supplicant/Makefile?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/wpa_supplicant/Makefile (original)
+++ wpasupplicant/trunk/wpa_supplicant/Makefile Tue Jan 1 13:55:42 2008
@@ -482,9 +482,25 @@
else
CFLAGS += -DEAP_WSC
OBJS += ../src/eap_peer/eap_wsc.o ../src/eap_common/eap_wsc_common.o
+OBJS += ../src/wps/wps.o
OBJS_h += ../src/eap_server/eap_wsc.o
endif
CONFIG_IEEE8021X_EAPOL=y
+endif
+
+ifdef CONFIG_EAP_IKEV2
+# EAP-IKEv2
+ifeq ($(CONFIG_EAP_IKEV2), dyn)
+CFLAGS += -DEAP_IKEV2_DYNAMIC
+EAPDYN += ../src/eap_peer/eap_ikev2.so ../src/eap_peer/ikev2.o
+EAPDYN += ../src/eap_common/eap_ikev2_common.o ../src/eap_common/ikev2_common.o
+else
+CFLAGS += -DEAP_IKEV2
+OBJS += ../src/eap_peer/eap_ikev2.o ../src/eap_peer/ikev2.o
+OBJS += ../src/eap_common/eap_ikev2_common.o ../src/eap_common/ikev2_common.o
+endif
+CONFIG_IEEE8021X_EAPOL=y
+NEED_DH_GROUPS=y
endif
ifdef CONFIG_EAP_VENDOR_TEST
@@ -882,6 +898,10 @@
OBJS += ../src/crypto/aes_wrap.o ../src/crypto/aes.o
endif
+ifdef NEED_DH_GROUPS
+OBJS += ../src/crypto/dh_groups.o
+endif
+
ifndef NEED_FIPS186_2_PRF
CFLAGS += -DCONFIG_NO_FIPS186_2_PRF
endif
@@ -910,19 +930,20 @@
ifdef CONFIG_DEBUG_FILE
CFLAGS += -DCONFIG_DEBUG_FILE
endif
+
+OBJS += ../src/drivers/scan_helpers.o
OBJS_wpa_rm := ctrl_iface.o mlme.o ctrl_iface_unix.o
OBJS_wpa := $(filter-out $(OBJS_wpa_rm),$(OBJS)) $(OBJS_h) tests/test_wpa.o
ifdef CONFIG_AUTHENTICATOR
OBJS_wpa += tests/link_test.o
endif
+OBJS_wpa += $(OBJS_l2)
OBJS += wpa_supplicant.o events.o blacklist.o wpas_glue.o scan.o
-OBJS_t := $(OBJS) eapol_test.o ../src/radius/radius.o ../src/radius/radius_client.o
+OBJS_t := $(OBJS) $(OBJS_l2) eapol_test.o ../src/radius/radius.o ../src/radius/radius_client.o
OBJS_t += ../src/utils/ip_addr.o
-OBJS_t2 := $(OBJS) preauth_test.o
+OBJS_t2 := $(OBJS) $(OBJS_l2) preauth_test.o
OBJS += $(CONFIG_MAIN).o
-
-OBJS += ../src/drivers/scan_helpers.o
ifdef CONFIG_PRIVSEP
OBJS_priv += $(OBJS_d) ../src/drivers/drivers.o ../src/drivers/scan_helpers.o
@@ -1029,9 +1050,13 @@
$(CC) -o $@ $(CFLAGS) -shared -rdynamic -fPIC $^ \
-Deap_peer_sake_register=eap_peer_method_dynamic_init
-eap_wsc.so: ../src/eap_peer/eap_wsc.c ../src/eap_common/eap_wsc_common.c
+eap_wsc.so: ../src/eap_peer/eap_wsc.c ../src/eap_common/eap_wsc_common.c ../src/wps/wps.c
$(CC) -o $@ $(CFLAGS) -shared -rdynamic -fPIC $^ \
-Deap_peer_wsc_register=eap_peer_method_dynamic_init
+
+eap_ikev2.so: ../src/eap_peer/eap_ikev2.c ../src/eap_peer/ikev2.c ../src/eap_common/eap_ikev2_common.o ../src/eap_common/ikev2_common.c
+ $(CC) -o $@ $(CFLAGS) -shared -rdynamic -fPIC $^ \
+ -Deap_peer_ikev2_register=eap_peer_method_dynamic_init
%.so: %.c
$(CC) -o $@ $(CFLAGS) -shared -rdynamic -fPIC $< \
@@ -1060,6 +1085,12 @@
wpa_gui: wpa_gui/Makefile
$(MAKE) -C wpa_gui
+wpa_gui-qt4/Makefile:
+ qmake -o wpa_gui-qt4/Makefile wpa_gui-qt4/wpa_gui.pro
+
+wpa_gui-qt4: wpa_gui-qt4/Makefile
+ $(MAKE) -C wpa_gui-qt4
+
TEST_MS_FUNCS_OBJS = ../src/crypto/crypto_openssl.o ../src/crypto/sha1.o ../src/crypto/md5.o \
../src/utils/os_unix.o ../src/crypto/rc4.o tests/test_ms_funcs.o
test-ms_funcs: $(TEST_MS_FUNCS_OBJS)
Modified: wpasupplicant/trunk/wpa_supplicant/README
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/wpa_supplicant/README?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/wpa_supplicant/README (original)
+++ wpasupplicant/trunk/wpa_supplicant/README Tue Jan 1 13:55:42 2008
@@ -90,6 +90,7 @@
* EAP-PSK
* EAP-PAX
* EAP-SAKE
+ * EAP-IKEv2
* EAP-GPSK
* LEAP (note: requires special support from the driver for IEEE 802.11
authentication)
@@ -383,6 +384,7 @@
CONFIG_EAP_GPSK=y
CONFIG_EAP_PAX=y
CONFIG_EAP_LEAP=y
+CONFIG_EAP_IKEV2=y
Following option can be used to include GSM SIM/USIM interface for GSM/UMTS
authentication algorithm (for EAP-SIM/EAP-AKA). This requires pcsc-lite
@@ -437,6 +439,7 @@
CONFIG_EAP_GPSK=y
CONFIG_EAP_PAX=y
CONFIG_EAP_LEAP=y
+CONFIG_EAP_IKEV2=y
CONFIG_PCSC=y
EAP-PEAP and EAP-TTLS will automatically include configured EAP
Modified: wpasupplicant/trunk/wpa_supplicant/README-Windows.txt
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/wpa_supplicant/README-Windows.txt?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/wpa_supplicant/README-Windows.txt (original)
+++ wpasupplicant/trunk/wpa_supplicant/README-Windows.txt Tue Jan 1 13:55:42 2008
@@ -38,8 +38,14 @@
--------------
Compiled binary version of the wpa_supplicant and additional tools is
-available from http://hostap.epitest.fi/wpa_supplicant/. These
-binaries can be used after installing WinPcap.
+available from http://w1.fi/wpa_supplicant/. These binaries can be
+used after installing WinPcap.
+
+wpa_gui uses Qt 4 framework and may need additional dynamic libraries
+(DLLs). These libraries are available from
+http://w1.fi/wpa_supplicant/qt4/wpa_gui-qt433-windows-dll.zip
+You can copy the DLL files from this ZIP package into the same directory
+with wpa_gui.exe to allow wpa_gui to be started.
Building wpa_supplicant with mingw
@@ -135,8 +141,8 @@
Using wpa_supplicant for Windows
--------------------------------
-wpa_supplicant and wpa_cli behave more or less identically to Linux
-version, so instructions in README and example wpa_supplicant.conf
+wpa_supplicant, wpa_cli, and wpa_gui behave more or less identically to
+Linux version, so instructions in README and example wpa_supplicant.conf
should be applicable for most parts. In addition, there is another
version of wpa_supplicant, wpasvc.exe, which can be used as a Windows
service and which reads its configuration from registry instead of
@@ -429,3 +435,14 @@
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
+
+
+
+ Qt Open Source Edition
+ ----------------------
+
+The Qt GUI Toolkit is Copyright (C) 1994-2007 Trolltech ASA.
+Qt Open Source Edition is licensed under GPL version 2.
+
+Source code for the library is available at
+http://w1.fi/wpa_supplicant/qt4/qt-win-opensource-src-4.3.3.zip
Modified: wpasupplicant/trunk/wpa_supplicant/defconfig
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/wpa_supplicant/defconfig?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/wpa_supplicant/defconfig (original)
+++ wpasupplicant/trunk/wpa_supplicant/defconfig Tue Jan 1 13:55:42 2008
@@ -166,6 +166,9 @@
# EAP-WSC for Wi-Fi Protected Setup
#CONFIG_EAP_WSC=y
+
+# EAP-IKEv2
+#CONFIG_EAP_IKEV2=y
# PKCS#12 (PFX) support (used to read private key and certificate file from
# a file that usually has extension .p12 or .pfx)
Modified: wpasupplicant/trunk/wpa_supplicant/events.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/wpa_supplicant/events.c?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/wpa_supplicant/events.c (original)
+++ wpasupplicant/trunk/wpa_supplicant/events.c Tue Jan 1 13:55:42 2008
@@ -394,7 +394,7 @@
wpa_printf(MSG_DEBUG, "%d: " MACSTR " ssid='%s' "
"wpa_ie_len=%u rsn_ie_len=%u caps=0x%x",
- i, MAC2STR(bss->bssid),
+ (int) i, MAC2STR(bss->bssid),
wpa_ssid_txt(ssid_, ssid_len),
wpa_ie_len, rsn_ie_len, bss->caps);
e = wpa_blacklist_get(wpa_s, bss->bssid);
@@ -458,7 +458,7 @@
wpa_printf(MSG_DEBUG, "%d: " MACSTR " ssid='%s' "
"wpa_ie_len=%u rsn_ie_len=%u caps=0x%x",
- i, MAC2STR(bss->bssid),
+ (int) i, MAC2STR(bss->bssid),
wpa_ssid_txt(ssid_, ssid_len),
wpa_ie_len, rsn_ie_len, bss->caps);
e = wpa_blacklist_get(wpa_s, bss->bssid);
Modified: wpasupplicant/trunk/wpa_supplicant/vs2005/eapol_test/eapol_test.vcproj
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/wpa_supplicant/vs2005/eapol_test/eapol_test.vcproj?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/wpa_supplicant/vs2005/eapol_test/eapol_test.vcproj (original)
+++ wpasupplicant/trunk/wpa_supplicant/vs2005/eapol_test/eapol_test.vcproj Tue Jan 1 13:55:42 2008
@@ -195,6 +195,10 @@
>
</File>
<File
+ RelativePath="..\..\..\src\eap_common\chap.c"
+ >
+ </File>
+ <File
RelativePath="..\..\..\src\utils\common.c"
>
</File>
@@ -352,6 +356,10 @@
</File>
<File
RelativePath="..\..\scan.c"
+ >
+ </File>
+ <File
+ RelativePath="..\..\..\src\drivers\scan_helpers.c"
>
</File>
<File
Modified: wpasupplicant/trunk/wpa_supplicant/vs2005/wpa_supplicant/wpa_supplicant.vcproj
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/wpa_supplicant/vs2005/wpa_supplicant/wpa_supplicant.vcproj?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/wpa_supplicant/vs2005/wpa_supplicant/wpa_supplicant.vcproj (original)
+++ wpasupplicant/trunk/wpa_supplicant/vs2005/wpa_supplicant/wpa_supplicant.vcproj Tue Jan 1 13:55:42 2008
@@ -195,6 +195,10 @@
>
</File>
<File
+ RelativePath="..\..\..\src\eap_common\chap.c"
+ >
+ </File>
+ <File
RelativePath="..\..\..\src\utils\common.c"
>
</File>
@@ -348,6 +352,10 @@
</File>
<File
RelativePath="..\..\scan.c"
+ >
+ </File>
+ <File
+ RelativePath="..\..\..\src\drivers\scan_helpers.c"
>
</File>
<File
Modified: wpasupplicant/trunk/wpa_supplicant/vs2005/wpasvc/wpasvc.vcproj
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/wpa_supplicant/vs2005/wpasvc/wpasvc.vcproj?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/wpa_supplicant/vs2005/wpasvc/wpasvc.vcproj (original)
+++ wpasupplicant/trunk/wpa_supplicant/vs2005/wpasvc/wpasvc.vcproj Tue Jan 1 13:55:42 2008
@@ -195,6 +195,10 @@
>
</File>
<File
+ RelativePath="..\..\..\src\eap_common\chap.c"
+ >
+ </File>
+ <File
RelativePath="..\..\..\src\utils\common.c"
>
</File>
@@ -348,6 +352,10 @@
</File>
<File
RelativePath="..\..\scan.c"
+ >
+ </File>
+ <File
+ RelativePath="..\..\..\src\drivers\scan_helpers.c"
>
</File>
<File
Modified: wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/setup-mingw-cross-compiling
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/setup-mingw-cross-compiling?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/setup-mingw-cross-compiling (original)
+++ wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/setup-mingw-cross-compiling Tue Jan 1 13:55:42 2008
@@ -4,8 +4,8 @@
# and I have no idea how to change these. For now, just override the
# directories in the Makefile.Release file after qmake run.
-qmake -spec /q/jm/qt4-win/4.0.0/mkspecs/win32-g++ wpa_gui.pro -o Makefile
+qmake -spec /q/jm/qt4-win/4.3.3/mkspecs/win32-g++ wpa_gui.pro -o Makefile
cat Makefile.Release |
- sed s%qt4/lib%qt4-win/4.0.0/lib%g |
- sed s%qt4/include%qt4-win/4.0.0/include%g > tmp.Makefile.Release &&
+ sed s%/usr/lib/qt4%/q/jm/qt4-win/4.3.3/lib%g |
+ sed s%/usr/include/qt4%/q/jm/qt4-win/4.3.3/include%g > tmp.Makefile.Release &&
mv -f tmp.Makefile.Release Makefile.Release
Modified: wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/wpagui.cpp
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/wpagui.cpp?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/wpagui.cpp (original)
+++ wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/wpagui.cpp Tue Jan 1 13:55:42 2008
@@ -1,6 +1,6 @@
/*
* wpa_gui - WpaGui class
- * Copyright (c) 2005-2006, Jouni Malinen <j at w1.fi>
+ * Copyright (c) 2005-2007, Jouni Malinen <j at w1.fi>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
@@ -32,21 +32,21 @@
(void) statusBar();
- connect(helpIndexAction, SIGNAL(activated()), this, SLOT(helpIndex()));
- connect(helpContentsAction, SIGNAL(activated()), this,
+ connect(helpIndexAction, SIGNAL(triggered()), this, SLOT(helpIndex()));
+ connect(helpContentsAction, SIGNAL(triggered()), this,
SLOT(helpContents()));
- connect(helpAboutAction, SIGNAL(activated()), this, SLOT(helpAbout()));
- connect(fileExitAction, SIGNAL(activated()), this, SLOT(exitApp()));
+ connect(helpAboutAction, SIGNAL(triggered()), this, SLOT(helpAbout()));
+ connect(fileExitAction, SIGNAL(triggered()), this, SLOT(exitApp()));
connect(disconnectButton, SIGNAL(clicked()), this, SLOT(disconnect()));
connect(scanButton, SIGNAL(clicked()), this, SLOT(scan()));
connect(connectButton, SIGNAL(clicked()), this, SLOT(connectB()));
- connect(fileEventHistoryAction, SIGNAL(activated()), this,
+ connect(fileEventHistoryAction, SIGNAL(triggered()), this,
SLOT(eventHistory()));
connect(networkSelect, SIGNAL(activated(const QString&)), this,
SLOT(selectNetwork(const QString&)));
- connect(fileEdit_networkAction, SIGNAL(activated()), this,
+ connect(fileEdit_networkAction, SIGNAL(triggered()), this,
SLOT(editNetwork()));
- connect(fileAdd_NetworkAction, SIGNAL(activated()), this,
+ connect(fileAdd_NetworkAction, SIGNAL(triggered()), this,
SLOT(addNetwork()));
connect(adapterSelect, SIGNAL(activated(const QString&)), this,
SLOT(selectAdapter(const QString&)));
@@ -512,7 +512,7 @@
void WpaGui::helpAbout()
{
QMessageBox::about(this, "wpa_gui for wpa_supplicant",
- "Copyright (c) 2003-2006,\n"
+ "Copyright (c) 2003-2007,\n"
"Jouni Malinen <j at w1.fi>\n"
"and contributors.\n"
"\n"
Modified: wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/wpamsg.h
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/wpamsg.h?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/wpamsg.h (original)
+++ wpasupplicant/trunk/wpa_supplicant/wpa_gui-qt4/wpamsg.h Tue Jan 1 13:55:42 2008
@@ -20,7 +20,6 @@
class WpaMsg {
public:
- WpaMsg() {}
WpaMsg(const QString &_msg, int _priority = 2)
: msg(_msg), priority(_priority)
{
Modified: wpasupplicant/trunk/wpa_supplicant/wpa_gui/wpamsg.h
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/wpa_supplicant/wpa_gui/wpamsg.h?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/wpa_supplicant/wpa_gui/wpamsg.h (original)
+++ wpasupplicant/trunk/wpa_supplicant/wpa_gui/wpamsg.h Tue Jan 1 13:55:42 2008
@@ -14,7 +14,6 @@
class WpaMsg {
public:
- WpaMsg() {}
WpaMsg(const QString &_msg, int _priority = 2)
: msg(_msg), priority(_priority)
{
Modified: wpasupplicant/trunk/wpa_supplicant/wpa_supplicant.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/wpa_supplicant/wpa_supplicant.c?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/wpa_supplicant/wpa_supplicant.c (original)
+++ wpasupplicant/trunk/wpa_supplicant/wpa_supplicant.c Tue Jan 1 13:55:42 2008
@@ -1298,17 +1298,24 @@
*/
int wpa_supplicant_get_scan_results(struct wpa_supplicant *wpa_s)
{
+ int ret;
+
if (wpa_s->use_client_mlme || wpa_s->driver->get_scan_results2 == NULL)
- return wpa_supplicant_get_scan_results_old(wpa_s);
-
- wpa_scan_results_free(wpa_s->scan_res);
- wpa_s->scan_res = wpa_drv_get_scan_results2(wpa_s);
- if (wpa_s->scan_res == NULL) {
- wpa_printf(MSG_DEBUG, "Failed to get scan results");
- return -1;
- }
-
- return 0;
+ ret = wpa_supplicant_get_scan_results_old(wpa_s);
+ else {
+ wpa_scan_results_free(wpa_s->scan_res);
+ wpa_s->scan_res = wpa_drv_get_scan_results2(wpa_s);
+ if (wpa_s->scan_res == NULL) {
+ wpa_printf(MSG_DEBUG, "Failed to get scan results");
+ ret = -1;
+ } else
+ ret = 0;
+ }
+
+ if (wpa_s->scan_res)
+ wpa_scan_sort_results(wpa_s->scan_res);
+
+ return ret;
}
Modified: wpasupplicant/trunk/wpa_supplicant/wpa_supplicant.conf
URL: http://svn.debian.org/wsvn/pkg-wpa/wpasupplicant/trunk/wpa_supplicant/wpa_supplicant.conf?rev=969&op=diff
==============================================================================
--- wpasupplicant/trunk/wpa_supplicant/wpa_supplicant.conf (original)
+++ wpasupplicant/trunk/wpa_supplicant/wpa_supplicant.conf Tue Jan 1 13:55:42 2008
@@ -620,6 +620,15 @@
password="foobar"
}
+# EAP-IKEv2 using shared secrets for both server and peer authentication
+network={
+ ssid="ikev2-example"
+ key_mgmt=WPA-EAP
+ eap=IKEV2
+ identity="user"
+ password="foobar"
+}
+
# EAP-FAST with WPA (WPA or WPA2)
network={
ssid="eap-fast-test"
More information about the Pkg-wpa-devel
mailing list