From patchwork Mon Nov 27 02:52:58 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Denis Kenzior X-Patchwork-Id: 13469024 Received: from mail-oo1-f51.google.com (mail-oo1-f51.google.com [209.85.161.51]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 275A815CF for ; Mon, 27 Nov 2023 02:54:09 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="F0yrRz+1" Received: by mail-oo1-f51.google.com with SMTP id 006d021491bc7-58d521f12ebso1008934eaf.2 for ; Sun, 26 Nov 2023 18:54:09 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1701053649; x=1701658449; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=kOTUEgUpIUa3xSXsm+qBrM9i2hQEQ7mS1G0rrydGMY4=; b=F0yrRz+1f7L4PJQrehhHhiKRssHNimVgO3/wMYvyU12gsALE7tyG/QRkiQYmQNg1iI 8RSr+YLd8ITU52gx9kQpQFmTNWMD2TzcziQ4Yxy2zwaUVOb15kwSeyH6dZ4GJrT7oy6v EZS6gGFbwYOZSw12L3myX8+GtgpEy+IAHWZyBkZh4UFFn6iKp956PDA2XS2mzsLyIJBM TCwJn/+PT6okZo3hFtYUZKZNDJR6bRaAWyeQ/GeBE/aa23QkkX+FEOQvD/P4xAtshJ1Y CVTX/auKXM6Ifx7r2TCB2hijVXoP+qMBf5T8pZcRNg4n8TOowt3O2/czaCl3fEoFFHlT BU9A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1701053649; x=1701658449; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=kOTUEgUpIUa3xSXsm+qBrM9i2hQEQ7mS1G0rrydGMY4=; b=XqxVR5z8Q0b4O+eD8+P2DxVAI9qAarFigcQR0/vB0sgdYchQ/ANBbsYN7pG4AD6Gwr 3iXgkWrl482WrS7BQXSQbKt6C67F7m7NqAA4hCTSEJdbUx4NVCd0Wgg7dUaj6I0a3p4q Hm9dDklsDVaiL8E8RXzrqfvhO24cblPkWAGqARjltbnB/IbS3WSf4PIACU7krMVFeMH4 U7hQw6JV57tahO78tX6E3LH8SYcEHlyjxyb+S0y2F9noO2D3rdJJMIozgyapr6nWB0/v vrfCRjxgBl94b2yXR1j3cdspPpZcqCyKEdDcBFs/gtgd8wRYrVOGty3TYCFQg0FjR6/s AVJQ== X-Gm-Message-State: AOJu0Yyk+BEe/TrgV0DFnKFoQSD8bXmkx9DseAoz5eoCj18uBxQZNq1P isaTD0DWOFqARYUpMWXSRqoFAvi8axc= X-Google-Smtp-Source: AGHT+IHNv/fIrTOWAjGLopKRsXz8VDR3vMYM/ldF87q8I2gOwH0jBd4oTZ12UjTa2tMuhrMLERJKQg== X-Received: by 2002:a05:6871:438b:b0:1f9:9980:93bb with SMTP id lv11-20020a056871438b00b001f9998093bbmr14574146oab.52.1701053648655; Sun, 26 Nov 2023 18:54:08 -0800 (PST) Received: from localhost.localdomain (070-114-247-242.res.spectrum.com. [70.114.247.242]) by smtp.gmail.com with ESMTPSA id ti3-20020a056871890300b001f9e3731545sm1818846oab.11.2023.11.26.18.54.07 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 26 Nov 2023 18:54:08 -0800 (PST) From: Denis Kenzior To: iwd@lists.linux.dev Cc: Denis Kenzior Subject: [PATCH 1/6] ie: Move AKM suite converter from netdev Date: Sun, 26 Nov 2023 20:52:58 -0600 Message-ID: <20231127025320.1310543-1-denkenz@gmail.com> X-Mailer: git-send-email 2.42.0 Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 It is more logical to host this function inside ie.c than netdev.c. Particularly since ie_rsn_cipher_suite_to_cipher is already present in ie.c. --- src/ie.c | 46 ++++++++++++++++++++++++++++++++++++++++++++++ src/ie.h | 2 ++ src/netdev.c | 47 +---------------------------------------------- 3 files changed, 49 insertions(+), 46 deletions(-) diff --git a/src/ie.c b/src/ie.c index 6b08ce180a87..a51724aa74c8 100644 --- a/src/ie.c +++ b/src/ie.c @@ -481,6 +481,52 @@ const char *ie_rsn_cipher_suite_to_string(enum ie_rsn_cipher_suite suite) return NULL; } +uint32_t ie_rsn_akm_suite_to_akm(enum ie_rsn_akm_suite akm) +{ + switch (akm) { + case IE_RSN_AKM_SUITE_8021X: + return CRYPTO_AKM_8021X; + case IE_RSN_AKM_SUITE_PSK: + return CRYPTO_AKM_PSK; + case IE_RSN_AKM_SUITE_FT_OVER_8021X: + return CRYPTO_AKM_FT_OVER_8021X; + case IE_RSN_AKM_SUITE_FT_USING_PSK: + return CRYPTO_AKM_FT_USING_PSK; + case IE_RSN_AKM_SUITE_8021X_SHA256: + return CRYPTO_AKM_8021X_SHA256; + case IE_RSN_AKM_SUITE_PSK_SHA256: + return CRYPTO_AKM_PSK_SHA256; + case IE_RSN_AKM_SUITE_TDLS: + return CRYPTO_AKM_TDLS; + case IE_RSN_AKM_SUITE_SAE_SHA256: + return CRYPTO_AKM_SAE_SHA256; + case IE_RSN_AKM_SUITE_FT_OVER_SAE_SHA256: + return CRYPTO_AKM_FT_OVER_SAE_SHA256; + case IE_RSN_AKM_SUITE_AP_PEER_KEY_SHA256: + return CRYPTO_AKM_AP_PEER_KEY_SHA256; + case IE_RSN_AKM_SUITE_8021X_SUITE_B_SHA256: + return CRYPTO_AKM_8021X_SUITE_B_SHA256; + case IE_RSN_AKM_SUITE_8021X_SUITE_B_SHA384: + return CRYPTO_AKM_8021X_SUITE_B_SHA384; + case IE_RSN_AKM_SUITE_FT_OVER_8021X_SHA384: + return CRYPTO_AKM_FT_OVER_8021X_SHA384; + case IE_RSN_AKM_SUITE_FILS_SHA256: + return CRYPTO_AKM_FILS_SHA256; + case IE_RSN_AKM_SUITE_FILS_SHA384: + return CRYPTO_AKM_FILS_SHA384; + case IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA256: + return CRYPTO_AKM_FT_OVER_FILS_SHA256; + case IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA384: + return CRYPTO_AKM_FT_OVER_FILS_SHA384; + case IE_RSN_AKM_SUITE_OWE: + return CRYPTO_AKM_OWE; + case IE_RSN_AKM_SUITE_OSEN: + return CRYPTO_AKM_OSEN; + } + + return 0; +} + /* 802.11, Section 8.4.2.27.2 */ static bool ie_parse_cipher_suite(const uint8_t *data, enum ie_rsn_cipher_suite *out) diff --git a/src/ie.h b/src/ie.h index c9a6c78324d6..9ada64bf3bd7 100644 --- a/src/ie.h +++ b/src/ie.h @@ -621,6 +621,8 @@ unsigned char *ie_tlv_builder_finalize(struct ie_tlv_builder *builder, uint32_t ie_rsn_cipher_suite_to_cipher(enum ie_rsn_cipher_suite suite); const char *ie_rsn_cipher_suite_to_string(enum ie_rsn_cipher_suite suite); +uint32_t ie_rsn_akm_suite_to_akm(enum ie_rsn_akm_suite akm); + int ie_parse_rsne(struct ie_tlv_iter *iter, struct ie_rsn_info *info); int ie_parse_rsne_from_data(const uint8_t *data, size_t len, struct ie_rsn_info *info); diff --git a/src/netdev.c b/src/netdev.c index f23ca59ea1cb..7b951a6a4797 100644 --- a/src/netdev.c +++ b/src/netdev.c @@ -2445,51 +2445,6 @@ static void netdev_driver_connected(struct netdev *netdev) eapol_register(netdev->sm); } -static unsigned int ie_rsn_akm_suite_to_nl80211(enum ie_rsn_akm_suite akm) -{ - switch (akm) { - case IE_RSN_AKM_SUITE_8021X: - return CRYPTO_AKM_8021X; - case IE_RSN_AKM_SUITE_PSK: - return CRYPTO_AKM_PSK; - case IE_RSN_AKM_SUITE_FT_OVER_8021X: - return CRYPTO_AKM_FT_OVER_8021X; - case IE_RSN_AKM_SUITE_FT_USING_PSK: - return CRYPTO_AKM_FT_USING_PSK; - case IE_RSN_AKM_SUITE_8021X_SHA256: - return CRYPTO_AKM_8021X_SHA256; - case IE_RSN_AKM_SUITE_PSK_SHA256: - return CRYPTO_AKM_PSK_SHA256; - case IE_RSN_AKM_SUITE_TDLS: - return CRYPTO_AKM_TDLS; - case IE_RSN_AKM_SUITE_SAE_SHA256: - return CRYPTO_AKM_SAE_SHA256; - case IE_RSN_AKM_SUITE_FT_OVER_SAE_SHA256: - return CRYPTO_AKM_FT_OVER_SAE_SHA256; - case IE_RSN_AKM_SUITE_AP_PEER_KEY_SHA256: - return CRYPTO_AKM_AP_PEER_KEY_SHA256; - case IE_RSN_AKM_SUITE_8021X_SUITE_B_SHA256: - return CRYPTO_AKM_8021X_SUITE_B_SHA256; - case IE_RSN_AKM_SUITE_8021X_SUITE_B_SHA384: - return CRYPTO_AKM_8021X_SUITE_B_SHA384; - case IE_RSN_AKM_SUITE_FT_OVER_8021X_SHA384: - return CRYPTO_AKM_FT_OVER_8021X_SHA384; - case IE_RSN_AKM_SUITE_FILS_SHA256: - return CRYPTO_AKM_FILS_SHA256; - case IE_RSN_AKM_SUITE_FILS_SHA384: - return CRYPTO_AKM_FILS_SHA384; - case IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA256: - return CRYPTO_AKM_FT_OVER_FILS_SHA256; - case IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA384: - return CRYPTO_AKM_FT_OVER_FILS_SHA384; - case IE_RSN_AKM_SUITE_OWE: - return CRYPTO_AKM_OWE; - case IE_RSN_AKM_SUITE_OSEN: - return CRYPTO_AKM_OSEN; - } - - return 0; -} static void netdev_append_nl80211_rsn_attributes(struct l_genl_msg *msg, struct handshake_state *hs) @@ -2514,7 +2469,7 @@ static void netdev_append_nl80211_rsn_attributes(struct l_genl_msg *msg, l_genl_msg_append_attr(msg, NL80211_ATTR_USE_MFP, 4, &use_mfp); } - nl_akm = ie_rsn_akm_suite_to_nl80211(hs->akm_suite); + nl_akm = ie_rsn_akm_suite_to_akm(hs->akm_suite); L_WARN_ON(!nl_akm); l_genl_msg_append_attr(msg, NL80211_ATTR_AKM_SUITES, 4, &nl_akm); From patchwork Mon Nov 27 02:52:59 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Denis Kenzior X-Patchwork-Id: 13469025 Received: from mail-ot1-f50.google.com (mail-ot1-f50.google.com [209.85.210.50]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BEEE51C38 for ; Mon, 27 Nov 2023 02:54:10 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="Jh9cD8cG" Received: by mail-ot1-f50.google.com with SMTP id 46e09a7af769-6d7e6df999fso2420359a34.1 for ; Sun, 26 Nov 2023 18:54:10 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1701053649; x=1701658449; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=FfHHDyb4tRLAYb0iJOZcpiUtWFE/ruaAKATQxemdK5U=; b=Jh9cD8cGFBg60AeB+wlBOHVWMHnZT+zDEBi14+dz8kvzya5j3QnfqbrC5cIvnl6Oj2 Y6tIlVO9qtCG5DxEMRmTYg/Wa9jzAx/bTCjiCB9XDeu1x2A57GlG00C1/TJIZf4Zv6qT E6N3mBwpmmUa1omRkmzGynfrb+AEZqoWGQP5fSC8LiLJ9Q53Kg/oTulWsiXs06Ef8DFJ PSkYOLbtliBArvfwBvQDJYY4aK6gcveYRwi0g+/2tQocYJ4Hi/G2uXoQS+9tNLRIeyfc A+SMFc5Oseb8tjX3lYSG7zOuOgPDygYpxjYuisGBodt2UbeOfTpYmVtOOTtIxwFyh6fd Id1w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1701053649; x=1701658449; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=FfHHDyb4tRLAYb0iJOZcpiUtWFE/ruaAKATQxemdK5U=; b=DhQojb9VopmQgfa+ttwmTyJ/UQ+P4lFMnh0rPA6F3h3BjojQ8O0H/2whYvtRXCPtJZ 3AsV1vydILSNTIl9YfulNSfHsH2FEvuo/esm8amYF9vc/Iu6gEH2e0ZXYJEDhxd/tWXD lPz2HvQ8pSipG5EVd/O44rvRo5ggo/By3dqOCY/8lA+0aET2fjqs3bFNecEkmDcHWLpu tvtgQ274c3TAcztVsRVJvBuuraBeauFAyxsdidtG/KXOTTGqnsjKKJtf0f3i18SyvsII nJyMW57VH52fqPxw7cpzH1b8lfuSTvHAMVtX9cmMhUEPrZmZCrOxD0NDONhdEI32IYrx FGVg== X-Gm-Message-State: AOJu0YxWEYBTnTI1VPBOJVscEWL4r4Y6STw8X7cRipninAjg+Zz9vQIf nMIRYQSZR8hVcCfTOoQSMgGEBbLzpYE= X-Google-Smtp-Source: AGHT+IG4mVJE/cv5LHTvOGW3m2rnwoo975nSfV214Y1P8TLNRgkS7Nn/XLNRlSfnutz6+RzCvIOliQ== X-Received: by 2002:a05:6870:7252:b0:1fa:8d3:34ea with SMTP id y18-20020a056870725200b001fa08d334eamr11115333oaf.58.1701053649498; Sun, 26 Nov 2023 18:54:09 -0800 (PST) Received: from localhost.localdomain (070-114-247-242.res.spectrum.com. [70.114.247.242]) by smtp.gmail.com with ESMTPSA id ti3-20020a056871890300b001f9e3731545sm1818846oab.11.2023.11.26.18.54.08 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 26 Nov 2023 18:54:09 -0800 (PST) From: Denis Kenzior To: iwd@lists.linux.dev Cc: Denis Kenzior Subject: [PATCH 2/6] nl80211util: Move nl80211_append_rsn_attributes Date: Sun, 26 Nov 2023 20:52:59 -0600 Message-ID: <20231127025320.1310543-2-denkenz@gmail.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20231127025320.1310543-1-denkenz@gmail.com> References: <20231127025320.1310543-1-denkenz@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 --- Makefile.am | 1 + src/netdev.c | 43 ++----------------------------------------- src/nl80211util.c | 40 ++++++++++++++++++++++++++++++++++++++++ src/nl80211util.h | 4 ++++ 4 files changed, 47 insertions(+), 41 deletions(-) diff --git a/Makefile.am b/Makefile.am index d0247faf7ed5..5ed6ab37164b 100644 --- a/Makefile.am +++ b/Makefile.am @@ -407,6 +407,7 @@ tools_hwsim_SOURCES = tools/hwsim.c src/mpdu.h \ src/storage.h src/storage.c \ src/common.h src/common.c \ src/band.h src/band.c \ + src/ie.h src/ie.c \ src/crypto.h src/crypto.c tools_hwsim_LDADD = $(ell_ldadd) diff --git a/src/netdev.c b/src/netdev.c index 7b951a6a4797..1c032b32acdc 100644 --- a/src/netdev.c +++ b/src/netdev.c @@ -2445,45 +2445,6 @@ static void netdev_driver_connected(struct netdev *netdev) eapol_register(netdev->sm); } - -static void netdev_append_nl80211_rsn_attributes(struct l_genl_msg *msg, - struct handshake_state *hs) -{ - uint32_t nl_cipher; - uint32_t nl_akm; - uint32_t wpa_version; - - nl_cipher = ie_rsn_cipher_suite_to_cipher(hs->pairwise_cipher); - L_WARN_ON(!nl_cipher); - l_genl_msg_append_attr(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE, - 4, &nl_cipher); - - nl_cipher = ie_rsn_cipher_suite_to_cipher(hs->group_cipher); - L_WARN_ON(!nl_cipher); - l_genl_msg_append_attr(msg, NL80211_ATTR_CIPHER_SUITE_GROUP, - 4, &nl_cipher); - - if (hs->mfp) { - uint32_t use_mfp = NL80211_MFP_REQUIRED; - - l_genl_msg_append_attr(msg, NL80211_ATTR_USE_MFP, 4, &use_mfp); - } - - nl_akm = ie_rsn_akm_suite_to_akm(hs->akm_suite); - L_WARN_ON(!nl_akm); - l_genl_msg_append_attr(msg, NL80211_ATTR_AKM_SUITES, 4, &nl_akm); - - if (IE_AKM_IS_SAE(hs->akm_suite)) - wpa_version = NL80211_WPA_VERSION_3; - else if (hs->wpa_ie) - wpa_version = NL80211_WPA_VERSION_1; - else - wpa_version = NL80211_WPA_VERSION_2; - - l_genl_msg_append_attr(msg, NL80211_ATTR_WPA_VERSIONS, - 4, &wpa_version); -} - static struct l_genl_msg *netdev_build_cmd_connect(struct netdev *netdev, struct handshake_state *hs, const uint8_t *prev_bssid, @@ -2540,7 +2501,7 @@ static struct l_genl_msg *netdev_build_cmd_connect(struct netdev *netdev, l_genl_msg_append_attr(msg, NL80211_ATTR_SOCKET_OWNER, 0, NULL); if (is_rsn) { - netdev_append_nl80211_rsn_attributes(msg, hs); + nl80211_append_rsn_attributes(msg, hs); c_iov = iov_ie_append(iov, n_iov, c_iov, hs->supplicant_ie); } @@ -2888,7 +2849,7 @@ static struct l_genl_msg *netdev_build_cmd_associate_common( l_genl_msg_append_attr(msg, NL80211_ATTR_SOCKET_OWNER, 0, NULL); if (is_rsn) - netdev_append_nl80211_rsn_attributes(msg, hs); + nl80211_append_rsn_attributes(msg, hs); if (is_rsn || hs->settings_8021x) { l_genl_msg_append_attr(msg, NL80211_ATTR_CONTROL_PORT, diff --git a/src/nl80211util.c b/src/nl80211util.c index ef69cc718e04..0f45c9051330 100644 --- a/src/nl80211util.c +++ b/src/nl80211util.c @@ -32,6 +32,8 @@ #include "src/nl80211util.h" #include "src/band.h" +#include "src/ie.h" +#include "src/handshake.h" #include "src/util.h" typedef bool (*attr_handler)(const void *data, uint16_t len, void *o); @@ -687,3 +689,41 @@ int nl80211_parse_supported_frequencies(struct l_genl_attr *band_freqs, return 0; } + +void nl80211_append_rsn_attributes(struct l_genl_msg *msg, + struct handshake_state *hs) +{ + uint32_t nl_cipher; + uint32_t nl_akm; + uint32_t wpa_version; + + nl_cipher = ie_rsn_cipher_suite_to_cipher(hs->pairwise_cipher); + L_WARN_ON(!nl_cipher); + l_genl_msg_append_attr(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE, + 4, &nl_cipher); + + nl_cipher = ie_rsn_cipher_suite_to_cipher(hs->group_cipher); + L_WARN_ON(!nl_cipher); + l_genl_msg_append_attr(msg, NL80211_ATTR_CIPHER_SUITE_GROUP, + 4, &nl_cipher); + + if (hs->mfp) { + uint32_t use_mfp = NL80211_MFP_REQUIRED; + + l_genl_msg_append_attr(msg, NL80211_ATTR_USE_MFP, 4, &use_mfp); + } + + nl_akm = ie_rsn_akm_suite_to_akm(hs->akm_suite); + L_WARN_ON(!nl_akm); + l_genl_msg_append_attr(msg, NL80211_ATTR_AKM_SUITES, 4, &nl_akm); + + if (IE_AKM_IS_SAE(hs->akm_suite)) + wpa_version = NL80211_WPA_VERSION_3; + else if (hs->wpa_ie) + wpa_version = NL80211_WPA_VERSION_1; + else + wpa_version = NL80211_WPA_VERSION_2; + + l_genl_msg_append_attr(msg, NL80211_ATTR_WPA_VERSIONS, + 4, &wpa_version); +} diff --git a/src/nl80211util.h b/src/nl80211util.h index 9f8ae17aeaa4..6f7b9eabbc27 100644 --- a/src/nl80211util.h +++ b/src/nl80211util.h @@ -25,6 +25,7 @@ struct band_chandef; struct scan_freq_set; struct band_freq_attrs; +struct handshake_state; int nl80211_parse_attrs(struct l_genl_msg *msg, int tag, ...); @@ -90,3 +91,6 @@ int nl80211_parse_supported_frequencies(struct l_genl_attr *band_freqs, struct scan_freq_set *supported_list, struct band_freq_attrs *list, size_t num_channels); + +void nl80211_append_rsn_attributes(struct l_genl_msg *msg, + struct handshake_state *hs); From patchwork Mon Nov 27 02:53:00 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Denis Kenzior X-Patchwork-Id: 13469027 Received: from mail-oa1-f53.google.com (mail-oa1-f53.google.com [209.85.160.53]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5FDA91FBC for ; Mon, 27 Nov 2023 02:54:11 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="mKzht73D" Received: by mail-oa1-f53.google.com with SMTP id 586e51a60fabf-1fa20395185so878075fac.3 for ; Sun, 26 Nov 2023 18:54:11 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1701053650; x=1701658450; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=EXxyGLc7j7CR85/9rJLh7fxxwQry4P9sd221GusiwY8=; b=mKzht73Dp4SCMlDCjToSdYEfM8UppRnIRKUzSpbCtzAnIzQrucA1w+7Q2nnoWtagAi 5IjCTlUGKT5zXWoCV6DhzRf0AWGBp4VHwa72Z8KnO2Qq7z0d5o0rrcPkyyDHFoS2mnfV Fb77E+90Zqvc/QmBVJMEbJi15dq6+EimgXvJ/DZ5smGVQOwVwsdN9vSpEfxnTUVR4rh/ oFqYxJGDsys+dvvABavDrp2rbSs/8gmrs+JoWggJMVoO5Q8DyG1jG/zPboLLKSe1PWCv SNZ8RjifbiZqQkvV+Gcq04jo27AH4L2jPbAzKgPoSET/l5zJ0kMCZJzmkRTey1ZUzXcr tD2A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1701053650; x=1701658450; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=EXxyGLc7j7CR85/9rJLh7fxxwQry4P9sd221GusiwY8=; b=WDphtUfPD4UGUSqI7rdOIYby0V8Ri9A1ADSG6q+ZdZuP7hJ/UpCDkbd8Dg0kW/M6NM p/bhhTWJyOqS06Mt2j2EqJqYDImR4yk96pnj7sXW5vWGDGvP0GTXH135Rdw3KmH8F2k7 zn9B+hDsgQH2Sz0lhoVlYQCqVMgHWq3WdzFK/az8MQnVHhq1AtoYmW+G6f5+p7+3JD2D m8y6erO9RDW/9HzYyr3HicF/ol/LdBebpCcT9BoRnsN3snucP04pBV/fP97ycxcm3V16 6WeGUMCczJk2udQ5NXOhUazq+p+62h35PpikMHBFGnhyGjL0Dp7ysHqLGlVhCqgWRm7G NGgg== X-Gm-Message-State: AOJu0YxrYHvHXLRkAPMihImZv1PcvvKXPBElKd8EVG3JrPLhXPJH/bV1 gFrKu6GqQ+LskzbN8CMiXpn/dE1hYoE= X-Google-Smtp-Source: AGHT+IFGa6EIzVb3pDFIyOFAMaWC1VseYSX2DYZo0MYgHiG8WMOgCi1kLX/b8c34g4FAvgFClP4gkA== X-Received: by 2002:a05:6870:9f8b:b0:1e9:ce72:35e0 with SMTP id xm11-20020a0568709f8b00b001e9ce7235e0mr15659314oab.0.1701053650245; Sun, 26 Nov 2023 18:54:10 -0800 (PST) Received: from localhost.localdomain (070-114-247-242.res.spectrum.com. [70.114.247.242]) by smtp.gmail.com with ESMTPSA id ti3-20020a056871890300b001f9e3731545sm1818846oab.11.2023.11.26.18.54.09 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 26 Nov 2023 18:54:09 -0800 (PST) From: Denis Kenzior To: iwd@lists.linux.dev Cc: Denis Kenzior Subject: [PATCH 3/6] netdev: Don't duplicate vendor_ies Date: Sun, 26 Nov 2023 20:53:00 -0600 Message-ID: <20231127025320.1310543-3-denkenz@gmail.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20231127025320.1310543-1-denkenz@gmail.com> References: <20231127025320.1310543-1-denkenz@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 vendor_ies stored in handshake_state are already added as part of netdev_populate_common_ies(), which is already invoked by netdev_build_cmd_connect(). Normally vendor_ies is NULL for OWE connections, so no IEs are duplicated as a result. --- src/netdev.c | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/src/netdev.c b/src/netdev.c index 1c032b32acdc..e7b502b1c3ba 100644 --- a/src/netdev.c +++ b/src/netdev.c @@ -2561,16 +2561,11 @@ static void netdev_cmd_connect_cb(struct l_genl_msg *msg, void *user_data) static bool netdev_retry_owe(struct netdev *netdev) { - struct iovec iov; - if (!owe_next_group(netdev->owe_sm)) return false; - iov.iov_base = netdev->handshake->vendor_ies; - iov.iov_len = netdev->handshake->vendor_ies_len; - netdev->connect_cmd = netdev_build_cmd_connect(netdev, - netdev->handshake, NULL, &iov, 1); + netdev->handshake, NULL, NULL, 0); netdev->connect_cmd_id = l_genl_family_send(nl80211, netdev->connect_cmd, From patchwork Mon Nov 27 02:53:01 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Denis Kenzior X-Patchwork-Id: 13469026 Received: from mail-oa1-f53.google.com (mail-oa1-f53.google.com [209.85.160.53]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0FE891FD2 for ; Mon, 27 Nov 2023 02:54:11 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="AzIdZ9+0" Received: by mail-oa1-f53.google.com with SMTP id 586e51a60fabf-1fa48ad4e99so310722fac.3 for ; Sun, 26 Nov 2023 18:54:11 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1701053651; x=1701658451; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=rWYMheTM/ZJX7EY/T+aPkHmPK3FmlL40bmmZ7iRpg9Q=; b=AzIdZ9+037fnyT8C6Pn8tSeNdaEB5IZbWPq58hJVi2VAWRJKdRZOYeC5Yhs7XPri7R bp/SPGxlwK0HJH1oIqbcrO3stWP9o2S4WoHoYCdpkQG1/WVPr6iGC5HoxI7PJVGuQvLM yPVt5Kyvf+Y0ZSUK/MOfV8hdHfUpuBEmel8KWvPwM8fTP4qsd3LnVNoJ4UxZNazu6odu Pf3d+vDSDPPY184tdGfHzpaMbU4T/ssKvUSUj462JBENqgFgzFAdw0S2PjqegvyVuykT yesMk/ijcaWJGV0ZHefRLc3tqeTj0LzSxPjKBqUpC+5cOSvVauV6ViUD+tekmHM01d8u VC+A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1701053651; x=1701658451; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=rWYMheTM/ZJX7EY/T+aPkHmPK3FmlL40bmmZ7iRpg9Q=; b=QkzstqwD4uZciNDlj3qpDG4j8bGR5GzkQRF0Z8yGKBN8nSq1t3xNKgPwYE/QLmVw0Z H+EHJ8vMRXeNXz8j2vSNfuEw/o5pfwQQ3uK7PwLr3AUt8WArb79nE+wtDqdcWylxk8gy kJUf5ELQy+xc2dlhRnphjm5xpzpH2F4qncmKtTZgLJ1QBscyFyuNvJ/AgdLcLNtvmWq3 6SLbU4RMD5S/PthJVZadu5VCotDghPZMG4aExJfOu/ihikMxkekvRLoh+1b1i5FacM8M j1kzvhYiEYf7V6BNlHRZNDc9XTgbqdtU2X1rJ8mKLBRlkgtb+GorWHscrgBUjFdOe0i2 UT6g== X-Gm-Message-State: AOJu0Yz1DCrpxPOiIjhz4YtoUgB52yZPLfHrqZoQYLQn0GbmbGl3iL4I 6dk5ishaKoYGtmrYs9tVbvThAZRhMxM= X-Google-Smtp-Source: AGHT+IF6ALdEMXBYoeJ7CIdHufJywPi/IufSa7Prm6dEraQzJwnXm0HtasGrF4WkX325yQQF9bOmpQ== X-Received: by 2002:a05:6870:6b8c:b0:1fa:56f:42cd with SMTP id ms12-20020a0568706b8c00b001fa056f42cdmr12523931oab.25.1701053650941; Sun, 26 Nov 2023 18:54:10 -0800 (PST) Received: from localhost.localdomain (070-114-247-242.res.spectrum.com. [70.114.247.242]) by smtp.gmail.com with ESMTPSA id ti3-20020a056871890300b001f9e3731545sm1818846oab.11.2023.11.26.18.54.10 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 26 Nov 2023 18:54:10 -0800 (PST) From: Denis Kenzior To: iwd@lists.linux.dev Cc: Denis Kenzior Subject: [PATCH 4/6] netdev: Do not leak l_genl_msg on error Date: Sun, 26 Nov 2023 20:53:01 -0600 Message-ID: <20231127025320.1310543-4-denkenz@gmail.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20231127025320.1310543-1-denkenz@gmail.com> References: <20231127025320.1310543-1-denkenz@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 In netdev_retry_owe, if l_gen_family_send fails, the connect_cmd is never freed or reset. Fix that. While here, use a stack variable instead of netdev member, since the use of such a member is unnecessary and confusing. --- src/netdev.c | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/src/netdev.c b/src/netdev.c index e7b502b1c3ba..03f9a77324db 100644 --- a/src/netdev.c +++ b/src/netdev.c @@ -2561,10 +2561,12 @@ static void netdev_cmd_connect_cb(struct l_genl_msg *msg, void *user_data) static bool netdev_retry_owe(struct netdev *netdev) { + struct l_genl_msg *connect_cmd; + if (!owe_next_group(netdev->owe_sm)) return false; - netdev->connect_cmd = netdev_build_cmd_connect(netdev, + connect_cmd = netdev_build_cmd_connect(netdev, netdev->handshake, NULL, NULL, 0); netdev->connect_cmd_id = l_genl_family_send(nl80211, @@ -2572,12 +2574,11 @@ static bool netdev_retry_owe(struct netdev *netdev) netdev_cmd_connect_cb, netdev, NULL); - if (!netdev->connect_cmd_id) - return false; - - netdev->connect_cmd = NULL; + if (netdev->connect_cmd_id > 0) + return true; - return true; + l_genl_msg_unref(connect_cmd); + return false; } static void netdev_connect_event(struct l_genl_msg *msg, struct netdev *netdev) From patchwork Mon Nov 27 02:53:02 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Denis Kenzior X-Patchwork-Id: 13469028 Received: from mail-oa1-f41.google.com (mail-oa1-f41.google.com [209.85.160.41]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C27ED20F7 for ; Mon, 27 Nov 2023 02:54:12 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="X9G+reqI" Received: by mail-oa1-f41.google.com with SMTP id 586e51a60fabf-1fa2b8f7f27so750647fac.0 for ; Sun, 26 Nov 2023 18:54:12 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1701053652; x=1701658452; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Fz4VnnTexZBkuMES1PABrkFOftLFTnXgT69sxsL4e0I=; b=X9G+reqI8Ntgy50p/s6nxuuSJYQhsDbxHHjcvwHk5VA5V6nk4BodcrD4mKbCsq3vBj FC0FoNuSVTeguEKfXVBM56ubXXHKNgTBYmkI3GO8x9tIAqM06MLSFC1/hbXqNLTxTk+O c2/8Jpa0SjejEd9xYjHhKA7Y9gLiF2PTFctk34b/Ol+USD1FBR8N9zjrVWP5uDZCSPnW 3DSiNI67pWYzvFeudNrSJ+HNS2LbkL9GqWtGTpScv9Y7L4342Qoj7tFPKV03BQm9l7gi xfgM/hTphpSVHXEUtNznrJp7coGf3kvm5M7xHIHSFMhtFkfm2ACK+FskW+UkTRjw+gG+ h1nw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1701053652; x=1701658452; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Fz4VnnTexZBkuMES1PABrkFOftLFTnXgT69sxsL4e0I=; b=Tc8ntd1yDPHLfAwHEpSJVYd7mVhk8jNyXGSJJhA8XLlCGVrnhVT9+AT4VZ7XE/K5D9 +nFD6LAq4iuoGLblqbvTTDQ5A2lbPgtnAkC4PCNrX/wP1K25SMgC0AjlNEcb95CndaRn 3ocNBlMYZpFflbJ9HMKMyCVZPFpfSEMkBjnmV0gtSbLjrSNCehvnPV7RfPybgHi6V53K uaWXVZ624i6GQ4aKQeRrJJWwTAlE8Yjo4WFEGGMrrVFv7TDE+ec42mlINZ0jG+mmhoTx X/Tb0lml7u+DoGVO+woHvE/3RECMaTbzWYkh9sc5A54fF/NN/xeeLlGoZSt/n23IJVOO eBlQ== X-Gm-Message-State: AOJu0YzSRAb0WrvvB7am5CrVqsmgeODzxPgoMoGzJh64bcCvKkS/6DRn BteXafdWjMkF7SBtq73HeIDOXmkZdLs= X-Google-Smtp-Source: AGHT+IGA2x/GecXQE1GsjP7sa2EX7glN8FtMQzPetJclnkMRT2XKSrReSnVe7vQ4JZ9gOj/XYaBlfA== X-Received: by 2002:a05:6870:46a7:b0:1fa:1355:da45 with SMTP id a39-20020a05687046a700b001fa1355da45mr11391864oap.11.1701053651788; Sun, 26 Nov 2023 18:54:11 -0800 (PST) Received: from localhost.localdomain (070-114-247-242.res.spectrum.com. [70.114.247.242]) by smtp.gmail.com with ESMTPSA id ti3-20020a056871890300b001f9e3731545sm1818846oab.11.2023.11.26.18.54.11 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 26 Nov 2023 18:54:11 -0800 (PST) From: Denis Kenzior To: iwd@lists.linux.dev Cc: Denis Kenzior Subject: [PATCH 5/6] netdev: Fix buffer overflow with 32 character ssids Date: Sun, 26 Nov 2023 20:53:02 -0600 Message-ID: <20231127025320.1310543-5-denkenz@gmail.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20231127025320.1310543-1-denkenz@gmail.com> References: <20231127025320.1310543-1-denkenz@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 ssid is declared as a 32 byte field in handshake_state, hence using it as a string which is assumed to be nul-terminated will fail for SSIDs that are 32 bytes long. Fixes: 1f1478285725 ("wiphy: add _generate_address_from_ssid") Fixes: 5a1b1184fca6 ("netdev: support per-network MAC addresses") --- src/netdev.c | 3 ++- src/wiphy.c | 5 +++-- src/wiphy.h | 3 ++- 3 files changed, 7 insertions(+), 4 deletions(-) diff --git a/src/netdev.c b/src/netdev.c index 03f9a77324db..9e6e1c6fb82e 100644 --- a/src/netdev.c +++ b/src/netdev.c @@ -3527,7 +3527,8 @@ static int netdev_start_powered_mac_change(struct netdev *netdev) /* No address set in handshake, use per-network MAC generation */ if (l_memeqzero(netdev->handshake->spa, ETH_ALEN)) wiphy_generate_address_from_ssid(netdev->wiphy, - (const char *)netdev->handshake->ssid, + netdev->handshake->ssid, + netdev->handshake->ssid_len, new_addr); else memcpy(new_addr, netdev->handshake->spa, ETH_ALEN); diff --git a/src/wiphy.c b/src/wiphy.c index 570f54155717..766df348754f 100644 --- a/src/wiphy.c +++ b/src/wiphy.c @@ -796,12 +796,13 @@ void wiphy_generate_random_address(struct wiphy *wiphy, uint8_t addr[static 6]) wiphy_address_constrain(wiphy, addr); } -void wiphy_generate_address_from_ssid(struct wiphy *wiphy, const char *ssid, +void wiphy_generate_address_from_ssid(struct wiphy *wiphy, + const uint8_t *ssid, size_t ssid_len, uint8_t addr[static 6]) { struct l_checksum *sha = l_checksum_new(L_CHECKSUM_SHA256); - l_checksum_update(sha, ssid, strlen(ssid)); + l_checksum_update(sha, ssid, ssid_len); l_checksum_update(sha, wiphy->permanent_addr, sizeof(wiphy->permanent_addr)); l_checksum_get_digest(sha, addr, mac_randomize_bytes); diff --git a/src/wiphy.h b/src/wiphy.h index 999d0c57a926..bc82a00721e7 100644 --- a/src/wiphy.h +++ b/src/wiphy.h @@ -146,7 +146,8 @@ const uint8_t *wiphy_get_ht_capabilities(const struct wiphy *wiphy, enum band_freq band, size_t *size); void wiphy_generate_random_address(struct wiphy *wiphy, uint8_t addr[static 6]); -void wiphy_generate_address_from_ssid(struct wiphy *wiphy, const char *ssid, +void wiphy_generate_address_from_ssid(struct wiphy *wiphy, + const uint8_t *ssid, size_t ssid_len, uint8_t addr[static 6]); int wiphy_estimate_data_rate(struct wiphy *wiphy, From patchwork Mon Nov 27 02:53:03 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Denis Kenzior X-Patchwork-Id: 13469029 Received: from mail-oa1-f52.google.com (mail-oa1-f52.google.com [209.85.160.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6A31D2101 for ; Mon, 27 Nov 2023 02:54:13 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="AUDClRXL" Received: by mail-oa1-f52.google.com with SMTP id 586e51a60fabf-1fa235f8026so981570fac.3 for ; Sun, 26 Nov 2023 18:54:13 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1701053652; x=1701658452; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=hKDgGHMrWORPgBvpnyVLaY7eQykmoBEiF76/XPWnxp8=; b=AUDClRXLix6vhdbTk049vlqvyqsI3jouv7ROgFKGAm2Pnv0TB6+tYEwOk/LyfFdKFU 6EaYTkTnDF1lZL98MXNj57qmqxIZgKhI+JqS5TBaZhVsSNdHSYzq9OGcUCkZ/RB7lBEx OBNZtQZui9cj3jKmRJhmrr/1oona52w2iy7aXOWWzV770p2twTXO7iIA5ed7sav+CTRI TRIO9eY7QTJmZ4DW2u2huH190tji7junBdqgdEcB2RB59OKbA2M6/1tPjqDxFJ/l8AM/ HtOIK+m1p/g+sUXKzybELy1QbV/C0xaX/QjVnIKY4+y7TlbpH41wO+XdYM7yUmkEBJXp 4uhQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1701053652; x=1701658452; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=hKDgGHMrWORPgBvpnyVLaY7eQykmoBEiF76/XPWnxp8=; b=plIuZtuqVuZZ+j3X2A3JerpAF+DShW4KzUIIJaqupwxyCR73EysruwDeNor3gnjQfo tq/0J1Tf+5SVsXAgqZkI3pAGdTFPCB38f8B4/qsk+twRhc37j3NpXMSmvczbygMvMjRk aMqgdMsNWthhjl/eOUM5Ft6o1AlujRq5M4MjkjRfjAaOdVDn7WHJZdJGhbXVcCmI5rNH hR0XREOv95tgcvDlqX1H+/sHqvFe5WerexhYb3sM5NDhaIvgBGPH/n8k+c2RW43SOTCO TmaloClTqywu17yGFGa1KIliaAY7XdrB8nY6GddFOG8bFizwGn78Gzcrp1MBhDH+QUyi 6gIA== X-Gm-Message-State: AOJu0YzWnBUFbfz0s8gQOyD2ek8CIwMK9/MikLFXRkpcnCfQ32SHEHDa +rzsznvjOFaLpfvLEypeUXAIER0KQlM= X-Google-Smtp-Source: AGHT+IF2S72t3jkGTz6WB+Uys68KN/mZt+LEo306zvCxxscmNAJXp1fNSQVpZRKcIMohTLyzyA3lYA== X-Received: by 2002:a05:6870:15c5:b0:1fa:3486:258a with SMTP id k5-20020a05687015c500b001fa3486258amr6385807oad.18.1701053652388; Sun, 26 Nov 2023 18:54:12 -0800 (PST) Received: from localhost.localdomain (070-114-247-242.res.spectrum.com. [70.114.247.242]) by smtp.gmail.com with ESMTPSA id ti3-20020a056871890300b001f9e3731545sm1818846oab.11.2023.11.26.18.54.11 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 26 Nov 2023 18:54:12 -0800 (PST) From: Denis Kenzior To: iwd@lists.linux.dev Cc: Denis Kenzior Subject: [PATCH 6/6] erp: Fix buffer overflow for 32 byte SSIDs Date: Sun, 26 Nov 2023 20:53:03 -0600 Message-ID: <20231127025320.1310543-6-denkenz@gmail.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20231127025320.1310543-1-denkenz@gmail.com> References: <20231127025320.1310543-1-denkenz@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 ssid is declared as a 32 byte field in handshake_state, hence using it as a string which is assumed to be nul-terminated will fail for SSIDs that are 32 bytes long. Fixes: d938d362b212 ("erp: ERP implementation and key cache move") Fixes: 433373fe28a4 ("eapol: cache ERP keys on EAP success") --- src/eapol.c | 2 +- src/erp.c | 10 ++++++++-- src/erp.h | 2 +- 3 files changed, 10 insertions(+), 4 deletions(-) diff --git a/src/eapol.c b/src/eapol.c index 6fb2f3068f0b..3d7b3d38fbcd 100644 --- a/src/eapol.c +++ b/src/eapol.c @@ -2531,7 +2531,7 @@ static void eapol_eap_results_cb(const uint8_t *msk_data, size_t msk_len, if (sm->handshake->support_fils && emsk_data && session_id) erp_cache_add(eap_get_identity(sm->eap), session_id, session_len, emsk_data, emsk_len, - (const char *)sm->handshake->ssid); + sm->handshake->ssid, sm->handshake->ssid_len); return; diff --git a/src/erp.c b/src/erp.c index 2729cfc874b4..859233465e8b 100644 --- a/src/erp.c +++ b/src/erp.c @@ -160,13 +160,19 @@ static void erp_cache_entry_destroy(void *data) void erp_cache_add(const char *id, const void *session_id, size_t session_len, const void *emsk, size_t emsk_len, - const char *ssid) + const uint8_t *ssid, size_t ssid_len) { struct erp_cache_entry *entry; if (!unlikely(id || session_id || emsk)) return; + if (!util_ssid_is_utf8(ssid_len, ssid)) + return; + + if (util_ssid_is_hidden(ssid_len, ssid)) + return; + entry = l_new(struct erp_cache_entry, 1); entry->id = l_strdup(id); @@ -174,7 +180,7 @@ void erp_cache_add(const char *id, const void *session_id, entry->emsk_len = emsk_len; entry->session_id = l_memdup(session_id, session_len); entry->session_len = session_len; - entry->ssid = l_strdup(ssid); + entry->ssid = l_strndup((char *) ssid, ssid_len); entry->expire_time = l_time_offset(l_time_now(), ERP_DEFAULT_KEY_LIFETIME_US); diff --git a/src/erp.h b/src/erp.h index d2c9da9624a8..e844aa8ebf90 100644 --- a/src/erp.h +++ b/src/erp.h @@ -43,7 +43,7 @@ const void *erp_get_rmsk(struct erp_state *erp, size_t *rmsk_len); void erp_cache_add(const char *id, const void *session_id, size_t session_len, const void *emsk, size_t emsk_len, - const char *ssid); + const uint8_t *ssid, size_t ssid_len); void erp_cache_remove(const char *id);