diff options
author | Hai Shalom <haishalom@google.com> | 2019-05-29 11:54:04 -0700 |
---|---|---|
committer | Hai Shalom <haishalom@google.com> | 2019-05-29 22:11:34 +0000 |
commit | 6690473353af45e9c6572aa3fc575ef954c0f39b (patch) | |
tree | 5db9d656fb1b63a784fb643cb166a41c2c747ea4 | |
parent | 0803bc45979cf94dd8a009915a08a77bbb6dfdb0 (diff) | |
download | wpa_supplicant_8-6690473353af45e9c6572aa3fc575ef954c0f39b.tar.gz |
[wpa_supplicant] Fix a regression in storing of external_auth SSID/BSSID
An earlier change in drivers_ops API for struct external_auth broke the
way SSID and BSSID for an external authentication request were stored.
The implementation depended on the memory array being available in the
API struct with a use of memcpy() to copy the full structure even though
when only SSID and BSSID was needed. Fix this by replacing that
easy-to-break storing mechanism with explicit arrays for the exact set
of needed information.
Bug: 133798691
Test: Associate/disassociate to/from WPA3 SAE APs
Cherry-picked from: d42df8d6ce81d47aea8059c45e3db5c51897f7e8
Change-Id: I02e2703a3b0a8b6dd3163783a196ded4b8f200d3
-rw-r--r-- | wpa_supplicant/sme.c | 19 | ||||
-rw-r--r-- | wpa_supplicant/wpa_supplicant_i.h | 4 |
2 files changed, 15 insertions, 8 deletions
diff --git a/wpa_supplicant/sme.c b/wpa_supplicant/sme.c index 17a984d1..e2cc439e 100644 --- a/wpa_supplicant/sme.c +++ b/wpa_supplicant/sme.c @@ -965,9 +965,9 @@ static void sme_send_external_auth_status(struct wpa_supplicant *wpa_s, os_memset(¶ms, 0, sizeof(params)); params.status = status; - params.ssid = wpa_s->sme.ext_auth.ssid; - params.ssid_len = wpa_s->sme.ext_auth.ssid_len; - params.bssid = wpa_s->sme.ext_auth.bssid; + params.ssid = wpa_s->sme.ext_auth_ssid; + params.ssid_len = wpa_s->sme.ext_auth_ssid_len; + params.bssid = wpa_s->sme.ext_auth_bssid; wpa_drv_send_external_auth_status(wpa_s, ¶ms); } @@ -1032,8 +1032,13 @@ void sme_external_auth_trigger(struct wpa_supplicant *wpa_s, return; if (data->external_auth.action == EXT_AUTH_START) { - os_memcpy(&wpa_s->sme.ext_auth, data, - sizeof(struct external_auth)); + if (!data->external_auth.bssid || !data->external_auth.ssid) + return; + os_memcpy(wpa_s->sme.ext_auth_bssid, data->external_auth.bssid, + ETH_ALEN); + os_memcpy(wpa_s->sme.ext_auth_ssid, data->external_auth.ssid, + data->external_auth.ssid_len); + wpa_s->sme.ext_auth_ssid_len = data->external_auth.ssid_len; wpa_s->sme.seq_num = 0; wpa_s->sme.sae.state = SAE_NOTHING; wpa_s->sme.sae.send_confirm = 0; @@ -1091,7 +1096,7 @@ static int sme_sae_auth(struct wpa_supplicant *wpa_s, u16 auth_transaction, wpa_s->current_ssid, 2); else sme_external_auth_send_sae_commit( - wpa_s, wpa_s->sme.ext_auth.bssid, + wpa_s, wpa_s->sme.ext_auth_bssid, wpa_s->current_ssid); return 0; } @@ -1110,7 +1115,7 @@ static int sme_sae_auth(struct wpa_supplicant *wpa_s, u16 auth_transaction, wpa_s->current_ssid, 1); else sme_external_auth_send_sae_commit( - wpa_s, wpa_s->sme.ext_auth.bssid, + wpa_s, wpa_s->sme.ext_auth_bssid, wpa_s->current_ssid); return 0; } diff --git a/wpa_supplicant/wpa_supplicant_i.h b/wpa_supplicant/wpa_supplicant_i.h index a97353f4..7eef32c4 100644 --- a/wpa_supplicant/wpa_supplicant_i.h +++ b/wpa_supplicant/wpa_supplicant_i.h @@ -802,7 +802,9 @@ struct wpa_supplicant { int sae_group_index; unsigned int sae_pmksa_caching:1; u16 seq_num; - struct external_auth ext_auth; + u8 ext_auth_bssid[ETH_ALEN]; + u8 ext_auth_ssid[SSID_MAX_LEN]; + size_t ext_auth_ssid_len; #endif /* CONFIG_SAE */ } sme; #endif /* CONFIG_SME */ |