
New upstream version 0.23

upstream/latest upstream/0.23
Andreas Henriksson 3 years ago
parent
commit
7690b6f958
  1. 8
      ChangeLog
  2. 24
      Makefile.am
  3. 40
      Makefile.in
  4. 4
      README
  5. 19
      TODO
  6. 2
      client/agent.c
  7. 18
      client/dbus-proxy.c
  8. 11
      client/display.c
  9. 26
      client/station.c
  10. 22
      configure
  11. 4
      configure.ac
  12. 21
      ell/cert.c
  13. 1
      ell/cert.h
  14. 3
      ell/dbus-client.c
  15. 3
      ell/dbus-service.c
  16. 18
      ell/dhcp.c
  17. 2
      ell/genl.c
  18. 6
      ell/pem.c
  19. 2
      ell/tls-suites.c
  20. 7
      ell/tls.c
  21. 6
      ell/util.c
  22. 17
      monitor/main.c
  23. 28
      monitor/nlmon.c
  24. 12
      plugins/ofono.c
  25. 19
      src/agent.c
  26. 2
      src/agent.h
  27. 15
      src/anqp.c
  28. 3
      src/anqp.h
  29. 2
      src/ap.c
  30. 5
      src/backtrace.c
  31. 1
      src/crypto.c
  32. 3
      src/dbus.c
  33. 4
      src/eap-pwd.c
  34. 19
      src/eap-tls-common.c
  35. 4
      src/eap-ttls.c
  36. 17
      src/eap.c
  37. 4
      src/eap.h
  38. 24
      src/eapol.c
  39. 4
      src/eapol.h
  40. 5
      src/erp.c
  41. 20
      src/hotspot.c
  42. 8
      src/ie.c
  43. 27
      src/iwd.8
  44. 62
      src/iwd.conf.5
  45. 82
      src/iwd.conf.rst
  46. 11
      src/iwd.h
  47. 339
      src/iwd.network.5
  48. 241
      src/iwd.network.rst
  49. 30
      src/iwd.rst
  50. 63
      src/main.c
  51. 30
      src/manager.c
  52. 2
      src/mpdu.c
  53. 1
      src/mpdu.h
  54. 60
      src/netdev.c
  55. 11
      src/network.c
  56. 8
      src/owe.c
  57. 2
      src/p2putil.c
  58. 2
      src/rtnlutil.c
  59. 56
      src/sae.c
  60. 52
      src/scan.c
  61. 18
      src/util.c
  62. 32
      src/wiphy.c
  63. 5
      src/wiphy.h
  64. 1
      src/wsc.c
  65. 56
      tools/hwsim.1
  66. 11
      tools/hwsim.c
  67. 20
      tools/test-runner.c
  68. 8
      unit/test-eapol.c
  69. 8
      unit/test-wsc.c
  70. 56
      wired/ead.8
  71. 2
      wired/main.c

8
ChangeLog

@ -1,3 +1,11 @@
ver 0.23:
Fix issue with strict certificate chain checks.
Fix issue with parsing RSNE_ADVANCE information.
Fix issue with parsing RSN information for WPA1.
Fix issue with logic error in scan frequency validation.
Fix issue with integer overflow and authentication frames.
Add support for installing various manual pages.
ver 0.22:
Fix issue with hotplug and device capability detection.
Add support for IPv6 network configuration handling.

24
Makefile.am

@ -153,9 +153,12 @@ systemd_modload_DATA = src/pkcs8.conf
endif
if MANUAL_PAGES
dist_man_MANS =
man_MANS =
endif
manual_pages = src/iwd.8 src/iwd.conf.5 src/iwd.network.5 \
client/iwctl.1 monitor/iwmon.1 wired/ead.8 tools/hwsim.1
eap_sources = src/eap.c src/eap.h src/eap-private.h \
src/eap-wsc.c src/eap-wsc.h \
src/eap-md5.c \
@ -248,7 +251,7 @@ dbus_bus_DATA += src/net.connman.iwd.service
endif
if MANUAL_PAGES
dist_man_MANS += src/iwd.8 src/iwd.conf.5
man_MANS += src/iwd.8 src/iwd.conf.5 src/iwd.network.5
endif
endif
@ -272,7 +275,7 @@ client_iwctl_SOURCES = client/main.c \
client_iwctl_LDADD = $(ell_ldadd) -lreadline
if MANUAL_PAGES
dist_man_MANS += client/iwctl.1
man_MANS += client/iwctl.1
endif
endif
@ -297,7 +300,7 @@ monitor_iwmon_SOURCES = monitor/main.c linux/nl80211.h \
monitor_iwmon_LDADD = $(ell_ldadd)
if MANUAL_PAGES
dist_man_MANS += monitor/iwmon.1
man_MANS += monitor/iwmon.1
endif
endif
@ -322,7 +325,7 @@ dbus_bus_DATA += wired/net.connman.ead.service
endif
if MANUAL_PAGES
dist_man_MANS += wired/ead.8
man_MANS += wired/ead.8
endif
endif
@ -340,7 +343,7 @@ dist_dbus_data_DATA += tools/hwsim-dbus.conf
endif
if MANUAL_PAGES
dist_man_MANS += tools/hwsim.1
man_MANS += tools/hwsim.1
endif
endif
@ -504,9 +507,10 @@ TESTS = $(unit_tests)
EXTRA_DIST = src/genbuiltin src/iwd.service.in src/net.connman.iwd.service \
wired/ead.service.in wired/net.connman.ead.service \
src/pkcs8.conf src/iwd.rst wired/ead.rst \
client/iwctl.rst monitor/iwmon.rst tools/hwsim.rst \
doc/main.conf unit/gencerts.cnf
src/pkcs8.conf doc/main.conf unit/gencerts.cnf \
$(manual_pages) $(patsubst %.1,%.rst, \
$(patsubst %.5,%.rst, \
$(patsubst %.8,%.rst,$(manual_pages))))
AM_CFLAGS = $(ell_cflags) -fvisibility=hidden \
-DUNITDIR=\""$(top_srcdir)/unit/"\" \
@ -525,7 +529,7 @@ DISTCHECK_CONFIGURE_FLAGS = --disable-dbus-policy --disable-systemd-service \
--enable-hwsim \
--enable-tools
DISTCLEANFILES = $(BUILT_SOURCES) $(unit_tests) $(dist_man_MANS)
DISTCLEANFILES = $(BUILT_SOURCES) $(unit_tests) $(manual_pages)
MAINTAINERCLEANFILES = Makefile.in configure config.h.in aclocal.m4

40
Makefile.in

@ -102,7 +102,7 @@ noinst_PROGRAMS = $(am__EXEEXT_6) $(am__EXEEXT_9)
@DAEMON_TRUE@@SYSTEMD_SERVICE_TRUE@am__append_7 = src/iwd.service
@DAEMON_TRUE@@SYSTEMD_SERVICE_TRUE@am__append_8 = src/iwd.service
@DAEMON_TRUE@@SYSTEMD_SERVICE_TRUE@am__append_9 = src/net.connman.iwd.service
@DAEMON_TRUE@@MANUAL_PAGES_TRUE@am__append_10 = src/iwd.8 src/iwd.conf.5
@DAEMON_TRUE@@MANUAL_PAGES_TRUE@am__append_10 = src/iwd.8 src/iwd.conf.5 src/iwd.network.5
@CLIENT_TRUE@am__append_11 = client/iwctl
@CLIENT_TRUE@@MANUAL_PAGES_TRUE@am__append_12 = client/iwctl.1
@MONITOR_TRUE@am__append_13 = monitor/iwmon
@ -642,7 +642,7 @@ man1dir = $(mandir)/man1
man5dir = $(mandir)/man5
man8dir = $(mandir)/man8
NROFF = nroff
MANS = $(dist_man_MANS)
MANS = $(man_MANS)
am__dist_dbus_data_DATA_DIST = src/iwd-dbus.conf wired/ead-dbus.conf \
tools/hwsim-dbus.conf
DATA = $(dbus_bus_DATA) $(dist_dbus_data_DATA) $(systemd_modload_DATA) \
@ -845,8 +845,8 @@ TEST_LOGS = $(am__test_logs2:.test.log=.log)
TEST_LOG_DRIVER = $(SHELL) $(top_srcdir)/build-aux/test-driver
TEST_LOG_COMPILE = $(TEST_LOG_COMPILER) $(AM_TEST_LOG_FLAGS) \
$(TEST_LOG_FLAGS)
am__DIST_COMMON = $(dist_man_MANS) $(srcdir)/Makefile.in \
$(srcdir)/config.h.in $(top_srcdir)/build-aux/compile \
am__DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/config.h.in \
$(top_srcdir)/build-aux/compile \
$(top_srcdir)/build-aux/config.guess \
$(top_srcdir)/build-aux/config.sub \
$(top_srcdir)/build-aux/depcomp \
@ -1137,9 +1137,12 @@ builtin_sources = $(am__append_3) $(am__append_5)
@SYSTEMD_SERVICE_TRUE@dbus_bus_DATA = $(am__append_9) $(am__append_19)
@SYSTEMD_SERVICE_TRUE@systemd_modloaddir = @SYSTEMD_MODLOADDIR@
@SYSTEMD_SERVICE_TRUE@systemd_modload_DATA = src/pkcs8.conf
@MANUAL_PAGES_TRUE@dist_man_MANS = $(am__append_10) $(am__append_12) \
@MANUAL_PAGES_TRUE@man_MANS = $(am__append_10) $(am__append_12) \
@MANUAL_PAGES_TRUE@ $(am__append_14) $(am__append_20) \
@MANUAL_PAGES_TRUE@ $(am__append_23)
manual_pages = src/iwd.8 src/iwd.conf.5 src/iwd.network.5 \
client/iwctl.1 monitor/iwmon.1 wired/ead.8 tools/hwsim.1
eap_sources = src/eap.c src/eap.h src/eap-private.h \
src/eap-wsc.c src/eap-wsc.h \
src/eap-md5.c \
@ -1392,9 +1395,10 @@ unit_test_p2p_SOURCES = unit/test-p2p.c src/wscutil.h src/wscutil.c \
unit_test_p2p_LDADD = $(ell_ldadd)
EXTRA_DIST = src/genbuiltin src/iwd.service.in src/net.connman.iwd.service \
wired/ead.service.in wired/net.connman.ead.service \
src/pkcs8.conf src/iwd.rst wired/ead.rst \
client/iwctl.rst monitor/iwmon.rst tools/hwsim.rst \
doc/main.conf unit/gencerts.cnf
src/pkcs8.conf doc/main.conf unit/gencerts.cnf \
$(manual_pages) $(patsubst %.1,%.rst, \
$(patsubst %.5,%.rst, \
$(patsubst %.8,%.rst,$(manual_pages))))
AM_CFLAGS = $(ell_cflags) -fvisibility=hidden \
-DUNITDIR=\""$(top_srcdir)/unit/"\" \
@ -1407,7 +1411,7 @@ DISTCHECK_CONFIGURE_FLAGS = --disable-dbus-policy --disable-systemd-service \
--enable-hwsim \
--enable-tools
DISTCLEANFILES = $(BUILT_SOURCES) $(unit_tests) $(dist_man_MANS)
DISTCLEANFILES = $(BUILT_SOURCES) $(unit_tests) $(manual_pages)
MAINTAINERCLEANFILES = Makefile.in configure config.h.in aclocal.m4
true_redirect_openssl = 2>&1
false_redirect_openssl = 2>/dev/null
@ -2212,10 +2216,10 @@ clean-libtool:
distclean-libtool:
-rm -f libtool config.lt
install-man1: $(dist_man_MANS)
install-man1: $(man_MANS)
@$(NORMAL_INSTALL)
@list1=''; \
list2='$(dist_man_MANS)'; \
list2='$(man_MANS)'; \
test -n "$(man1dir)" \
&& test -n "`echo $$list1$$list2`" \
|| exit 0; \
@ -2250,15 +2254,15 @@ uninstall-man1:
@$(NORMAL_UNINSTALL)
@list=''; test -n "$(man1dir)" || exit 0; \
files=`{ for i in $$list; do echo "$$i"; done; \
l2='$(dist_man_MANS)'; for i in $$l2; do echo "$$i"; done | \
l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \
sed -n '/\.1[a-z]*$$/p'; \
} | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \
-e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \
dir='$(DESTDIR)$(man1dir)'; $(am__uninstall_files_from_dir)
install-man5: $(dist_man_MANS)
install-man5: $(man_MANS)
@$(NORMAL_INSTALL)
@list1=''; \
list2='$(dist_man_MANS)'; \
list2='$(man_MANS)'; \
test -n "$(man5dir)" \
&& test -n "`echo $$list1$$list2`" \
|| exit 0; \
@ -2293,15 +2297,15 @@ uninstall-man5:
@$(NORMAL_UNINSTALL)
@list=''; test -n "$(man5dir)" || exit 0; \
files=`{ for i in $$list; do echo "$$i"; done; \
l2='$(dist_man_MANS)'; for i in $$l2; do echo "$$i"; done | \
l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \
sed -n '/\.5[a-z]*$$/p'; \
} | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \
-e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \
dir='$(DESTDIR)$(man5dir)'; $(am__uninstall_files_from_dir)
install-man8: $(dist_man_MANS)
install-man8: $(man_MANS)
@$(NORMAL_INSTALL)
@list1=''; \
list2='$(dist_man_MANS)'; \
list2='$(man_MANS)'; \
test -n "$(man8dir)" \
&& test -n "`echo $$list1$$list2`" \
|| exit 0; \
@ -2336,7 +2340,7 @@ uninstall-man8:
@$(NORMAL_UNINSTALL)
@list=''; test -n "$(man8dir)" || exit 0; \
files=`{ for i in $$list; do echo "$$i"; done; \
l2='$(dist_man_MANS)'; for i in $$l2; do echo "$$i"; done | \
l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \
sed -n '/\.8[a-z]*$$/p'; \
} | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \
-e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \

4
README

@ -61,7 +61,9 @@ Manual pages
The manual pages are generated from reStructuredText markup source files
during the normal build process. The generation requires the rst2man utility
from Python Docutils project.
from Python Docutils project. If rst2man is for some reason not available,
using --disable-manual-pages will skip the manual pages generation and
installation.
When building from the tarballs, a copy of the generated manual pages is
included and the rst2man utility is actually not needed.

19
TODO

@ -158,25 +158,6 @@ Wireless simulator
Wireless daemon
===============
- Let EAP methods configure timeouts
Different EAP methods might have different recommendations for various
timeouts. E.g. retransmit timeout, overall timeout, etc. The EAP framework
should be updated to enable EAP methods to configure these timeouts
accordingly. A sane default should also be provided.
Priority: High
Complexity: C2
- EAPoL should take EAP timeouts into consideration
EAPoL state machine currently uses its own (very short) timeout for the
4-Way handshake / session key generation. This timeout does not take into
account the fact that EAP authentication might need to be performed first.
Priority: High
Complexity: C1
- Add unit test data with 2nd RSNE in Authenticator 3/4 message
The specification allows the AP to send a second RSN element in its 4-way

2
client/agent.c

@ -240,7 +240,7 @@ static struct l_dbus_message *request_user_password_command_option(
struct l_dbus_message *message)
{
struct l_dbus_message *reply;
const char *password;
const char *password = NULL;
command_option_get(COMMAND_OPTION_PASSWORD, &password);
if (!password)

18
client/dbus-proxy.c

@ -651,7 +651,9 @@ static void interfaces_added_callback(struct l_dbus_message *message,
if (dbus_message_has_error(message))
return;
l_dbus_message_get_arguments(message, "oa{sa{sv}}", &path, &object);
if (!l_dbus_message_get_arguments(message, "oa{sa{sv}}", &path,
&object))
return;
proxy_interface_create(path, &object);
}
@ -667,7 +669,8 @@ static void interfaces_removed_callback(struct l_dbus_message *message,
if (dbus_message_has_error(message))
return;
l_dbus_message_get_arguments(message, "oas", &path, &interfaces);
if (!l_dbus_message_get_arguments(message, "oas", &path, &interfaces))
return;
while (l_dbus_message_iter_next_entry(&interfaces, &interface)) {
proxy = proxy_interface_find(interface, path);
@ -699,7 +702,16 @@ static void get_managed_objects_callback(struct l_dbus_message *message,
return;
}
l_dbus_message_get_arguments(message, "a{oa{sa{sv}}}", &objects);
if (!l_dbus_message_get_arguments(message, "a{oa{sa{sv}}}", &objects)) {
l_error("Failed to parse IWD dbus objects, quitting...\n");
if (!command_is_interactive_mode())
command_set_exit_status(EXIT_FAILURE);
l_main_quit();
return;
}
while (l_dbus_message_iter_next_entry(&objects, &path, &object))
proxy_interface_create(path, &object);
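Review bot: interfaces_added_callback and interfaces_removed_callback now return silently when l_dbus_message_get_arguments() fails, whereas get_managed_objects_callback logs the failure before quitting. A malformed signal on the bus is then dropped without any trace, which makes a misbehaving sender hard to diagnose. Consider logging in the two signal callbacks as well, for example `l_error("Failed to parse InterfacesAdded signal");` before the `return;`. All three function bodies start and end outside the hunks shown.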

11
client/display.c

@ -180,7 +180,8 @@ void display_refresh_set_cmd(const char *family, const char *entity,
return;
}
if (display_refresh.family && !strcmp(display_refresh.family, family)) {
if (display_refresh.family && family &&
!strcmp(display_refresh.family, family)) {
struct l_string *buf = l_string_new(128);
L_AUTO_FREE_VAR(char *, args);
char *prompt;
@ -205,10 +206,10 @@ void display_refresh_set_cmd(const char *family, const char *entity,
args = l_string_unwrap(buf);
prompt = l_strdup_printf(IWD_PROMPT"%s%s%s %s %s\n",
family ? : "",
entity ? " " : "", entity ? : "",
cmd->cmd ? : "", args ? : "");
prompt = l_strdup_printf(IWD_PROMPT"%s%s%s %s %s\n", family,
entity ? " " : "",
entity ? : "",
cmd->cmd ? : "", args ? : "");
l_queue_push_tail(display_refresh.redo_entries, prompt);
display_refresh.undo_lines++;
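Review bot: The rewritten l_strdup_printf() call passes `family` straight to `%s`, where the previous version used `family ? : ""`. That is only safe if the call sits inside the branch guarded by the new `display_refresh.family && family &&` test from the first hunk; the lines between the two hunks are not shown, so this cannot be confirmed from the page. Either keep the fallback, `family ? : "",`, or add a comment at the call such as `/* family is non-NULL here, checked at the top of this branch */`. Which lines are old and which are new is read from the print order and the hunk line counts.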

26
client/station.c

@ -338,7 +338,6 @@ static void ordered_networks_display(struct l_queue *ordered_networks)
{
char *dbms = NULL;
const struct l_queue_entry *entry;
bool is_first;
display_table_header("Available networks", "%s%-*s%-*s%-*s%*s",
MARGIN, 2, "", 32, "Network name",
@ -351,7 +350,7 @@ static void ordered_networks_display(struct l_queue *ordered_networks)
return;
}
for (is_first = true, entry = l_queue_get_entries(ordered_networks);
for (entry = l_queue_get_entries(ordered_networks);
entry; entry = entry->next) {
struct ordered_network *network = entry->data;
const struct proxy_interface *network_i =
@ -362,24 +361,17 @@ static void ordered_networks_display(struct l_queue *ordered_networks)
if (display_signal_as_dbms)
dbms = l_strdup_printf("%d", network->signal_strength);
if (is_first && network_is_connected(network_i)) {
display("%s%-*s%-*s%-*s%-*s\n", MARGIN,
2, COLOR_BOLDGRAY "> " COLOR_OFF,
32, network_name, 10, network_type,
6, display_signal_as_dbms ? dbms :
dbms_tostars(network->signal_strength));
display("%s%-*s%-*s%-*s%-*s\n", MARGIN, 2,
network_is_connected(network_i) ?
COLOR_BOLDGRAY "> " COLOR_OFF : "",
32, network_name, 10, network_type,
6, display_signal_as_dbms ? dbms :
dbms_tostars(network->signal_strength));
if (display_signal_as_dbms) {
l_free(dbms);
is_first = false;
continue;
dbms = NULL;
}
display("%s%-*s%-*s%-*s%-*s\n", MARGIN, 2, "",
32, network_name, 10, network_type,
6, display_signal_as_dbms ? dbms :
dbms_tostars(network->signal_strength));
l_free(dbms);
}
display_table_footer();

22
configure

@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
# Generated by GNU Autoconf 2.69 for iwd 0.22.
# Generated by GNU Autoconf 2.69 for iwd 0.23.
#
#
# Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc.
@ -587,8 +587,8 @@ MAKEFLAGS=
# Identity of this package.
PACKAGE_NAME='iwd'
PACKAGE_TARNAME='iwd'
PACKAGE_VERSION='0.22'
PACKAGE_STRING='iwd 0.22'
PACKAGE_VERSION='0.23'
PACKAGE_STRING='iwd 0.23'
PACKAGE_BUGREPORT=''
PACKAGE_URL=''
@ -1391,7 +1391,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
\`configure' configures iwd 0.22 to adapt to many kinds of systems.
\`configure' configures iwd 0.23 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@ -1462,7 +1462,7 @@ fi
if test -n "$ac_init_help"; then
case $ac_init_help in
short | recursive ) echo "Configuration of iwd 0.22:";;
short | recursive ) echo "Configuration of iwd 0.23:";;
esac
cat <<\_ACEOF
@ -1608,7 +1608,7 @@ fi
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
iwd configure 0.22
iwd configure 0.23
generated by GNU Autoconf 2.69
Copyright (C) 2012 Free Software Foundation, Inc.
@ -1973,7 +1973,7 @@ cat >config.log <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
It was created by iwd $as_me 0.22, which was
It was created by iwd $as_me 0.23, which was
generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@
@ -2841,7 +2841,7 @@ fi
# Define the identity of the package.
PACKAGE='iwd'
VERSION='0.22'
VERSION='0.23'
cat >>confdefs.h <<_ACEOF
@ -13231,7 +13231,7 @@ if (test "${enable_external_ell}" = "yes"); then
test "${enable_monitor}" != "no" ||
test "${enable_wired}" = "yes" ||
test "${enable_hwsim}" = "yes"); then
ell_min_version="0.24"
ell_min_version="0.25"
else
ell_min_version="0.5"
fi
@ -13978,7 +13978,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
This file was extended by iwd $as_me 0.22, which was
This file was extended by iwd $as_me 0.23, which was
generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@ -14044,7 +14044,7 @@ _ACEOF
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
iwd config.status 0.22
iwd config.status 0.23
configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"

4
configure.ac

@ -1,5 +1,5 @@
AC_PREREQ(2.60)
AC_INIT(iwd, 0.22)
AC_INIT(iwd, 0.23)
AC_CONFIG_HEADERS(config.h)
AC_CONFIG_AUX_DIR(build-aux)
@ -244,7 +244,7 @@ if (test "${enable_external_ell}" = "yes"); then
test "${enable_monitor}" != "no" ||
test "${enable_wired}" = "yes" ||
test "${enable_hwsim}" = "yes"); then
ell_min_version="0.24"
ell_min_version="0.25"
else
ell_min_version="0.5"
fi

21
ell/cert.c

@ -356,27 +356,6 @@ LIB_EXPORT void l_certchain_walk_from_ca(struct l_certchain *chain,
break;
}
LIB_EXPORT bool l_certchain_find(struct l_certchain *chain,
struct l_queue *ca_certs)
{
if (unlikely(!chain || !chain->leaf))
return false;
/* Nothing to do if no CA certificates supplied */
if (!ca_certs)
return true;
/*
* Also nothing to do if the user already supplied a working
* certificate chain.
*/
if (l_certchain_verify(chain, ca_certs, NULL))
return true;
/* Actual search for a chain to the CA cert is unimplemented, fail */
return false;
}
static struct l_keyring *cert_set_to_keyring(struct l_queue *certs, char *error)
{
struct l_keyring *ring;

1
ell/cert.h

@ -56,7 +56,6 @@ void l_certchain_walk_from_leaf(struct l_certchain *chain,
void l_certchain_walk_from_ca(struct l_certchain *chain,
l_cert_walk_cb_t cb, void *user_data);
bool l_certchain_find(struct l_certchain *chain, struct l_queue *ca_certs);
bool l_certchain_verify(struct l_certchain *chain, struct l_queue *ca_certs,
const char **error);

3
ell/dbus-client.c

@ -546,7 +546,8 @@ static void get_managed_objects_reply(struct l_dbus_message *message,
if (l_dbus_message_is_error(message))
return;
l_dbus_message_get_arguments(message, "a{oa{sa{sv}}}", &objects);
if (!l_dbus_message_get_arguments(message, "a{oa{sa{sv}}}", &objects))
return;
while (l_dbus_message_iter_next_entry(&objects, &path, &object))
parse_object(client, path, &object);

3
ell/dbus-service.c

@ -1614,7 +1614,8 @@ bool _dbus_object_tree_remove_interface(struct _dbus_object_tree *tree,
match_object_manager_path,
(char *) path);
object_manager_free(manager);
if (manager)
object_manager_free(manager);
}
for (entry = l_queue_get_entries(tree->object_managers); entry;

18
ell/dhcp.c

@ -460,7 +460,7 @@ static uint16_t dhcp_attempt_secs(uint64_t start)
*/
static uint64_t dhcp_fuzz_secs(uint32_t secs)
{
uint64_t ms = secs * 1000;
uint64_t ms = secs * 1000ULL;
uint32_t r = l_getrandom_uint32();
/*
@ -941,8 +941,11 @@ static void dhcp_client_rx_message(const void *data, size_t len, void *userdata)
CLIENT_ENTER_STATE(DHCP_STATE_REQUESTING);
client->attempt = 1;
if (dhcp_client_send_request(client) < 0)
goto error;
if (dhcp_client_send_request(client) < 0) {
l_dhcp_client_stop(client);
return;
}
l_timeout_modify_ms(client->timeout_resend, dhcp_fuzz_secs(4));
break;
@ -950,9 +953,11 @@ static void dhcp_client_rx_message(const void *data, size_t len, void *userdata)
case DHCP_STATE_RENEWING:
case DHCP_STATE_REBINDING:
if (msg_type == DHCP_MESSAGE_TYPE_NAK) {
l_dhcp_client_stop(client);
dhcp_client_event_notify(client,
L_DHCP_CLIENT_EVENT_NO_LEASE);
goto error;
return;
}
if (msg_type != DHCP_MESSAGE_TYPE_ACK)
@ -993,11 +998,6 @@ static void dhcp_client_rx_message(const void *data, size_t len, void *userdata)
case DHCP_STATE_BOUND:
break;
}
return;
error:
l_dhcp_client_stop(client);
}
LIB_EXPORT struct l_dhcp_client *l_dhcp_client_new(uint32_t ifindex)

2
ell/genl.c

@ -755,7 +755,7 @@ static bool msg_grow(struct l_genl_msg *msg, uint32_t needed)
if (msg->size >= msg->len + needed)
return true;
grow_by = msg->size - needed;
grow_by = msg->len + needed - msg->size;
if (grow_by < 32)
grow_by = 128;

6
ell/pem.c

@ -266,6 +266,9 @@ LIB_EXPORT uint8_t *l_pem_load_file(const char *filename,
struct pem_file_info file;
uint8_t *result;
if (unlikely(!filename))
return NULL;
if (pem_file_open(&file, filename) < 0)
return NULL;
@ -374,6 +377,9 @@ LIB_EXPORT struct l_queue *l_pem_load_certificate_list(const char *filename)
struct pem_file_info file;
struct l_queue *list = NULL;
if (unlikely(!filename))
return NULL;
if (pem_file_open(&file, filename) < 0)
return NULL;

2
ell/tls-suites.c

@ -774,6 +774,7 @@ static bool tls_send_dhe_server_key_xchg(struct l_tls *tls)
goto free_params;
}
memset(public_buf, 0, sizeof(public_buf));
public_len = params->prime_len;
if (!l_key_compute_dh_public(params->generator, params->private,
@ -981,6 +982,7 @@ static bool tls_send_dhe_client_key_xchg(struct l_tls *tls)
size_t pre_master_secret_len;
public_len = params->prime_len;
memset(public_buf, 0, sizeof(public_buf));
if (!l_key_compute_dh_public(params->generator, params->private,
params->prime, public_buf,

7
ell/tls.c

@ -1094,13 +1094,6 @@ static bool tls_send_certificate(struct l_tls *tls)
return false;
}
if (tls->cert && !l_certchain_find(tls->cert, tls->ca_certs)) {
TLS_DISCONNECT(TLS_ALERT_INTERNAL_ERROR, TLS_ALERT_UNKNOWN_CA,
"Can't find certificate chain to local "
"CA cert");
return false;
}
/*
* TODO: check that the certificate is compatible with hash and
* signature algorithms lists supplied to us in the Client Hello

6
ell/util.c

@ -398,7 +398,8 @@ LIB_EXPORT char *l_util_hexstring_upper(const unsigned char *buf, size_t len)
* @str: Null-terminated string containing the hex-encoded bytes
* @out_len: Number of bytes decoded
*
* Returns: a newly allocated byte array
* Returns: a newly allocated byte array. Empty strings are treated as
* an error condition.
**/
LIB_EXPORT unsigned char *l_util_from_hexstring(const char *str,
size_t *out_len)
@ -420,6 +421,9 @@ LIB_EXPORT unsigned char *l_util_from_hexstring(const char *str,
return NULL;
}
if (!i)
return NULL;
if ((i % 2) != 0)
return NULL;

17
monitor/main.c

@ -221,6 +221,12 @@ static struct l_netlink *rtm_interface_send_message(struct l_netlink *rtnl,
return NULL;
}
if (!rtnl)
rtnl = l_netlink_new(NETLINK_ROUTE);
if (!rtnl)
return NULL;
bufsize = NLMSG_LENGTH(sizeof(struct ifinfomsg)) +
RTA_SPACE(ifname_len) + RTA_SPACE(0) +
RTA_SPACE(nlmon_type_len);
@ -231,12 +237,6 @@ static struct l_netlink *rtm_interface_send_message(struct l_netlink *rtnl,
rtmmsg->ifi_family = AF_UNSPEC;
rtmmsg->ifi_change = ~0;
if (!rtnl)
rtnl = l_netlink_new(NETLINK_ROUTE);
if (!rtnl)
return NULL;
rta_buf = rtmmsg + 1;
if (ifname)
@ -250,7 +250,6 @@ static struct l_netlink *rtm_interface_send_message(struct l_netlink *rtnl,
linkinfo_rta->rta_len = rta_buf - (void *) linkinfo_rta;
switch (rtm_msg_type) {
case RTM_NEWLINK:
rtmmsg->ifi_flags = IFF_UP | IFF_ALLMULTI | IFF_NOARP;
@ -275,8 +274,8 @@ static struct l_netlink *rtm_interface_send_message(struct l_netlink *rtnl,
default:
l_netlink_destroy(rtnl);
l_free(rtmmsg);
return NULL;
rtnl = NULL;
break;
}
l_free(rtmmsg);

28
monitor/nlmon.c

@ -3013,8 +3013,9 @@ static void print_p2p_channel_list(unsigned int level, const char *label,
while (size) {
uint8_t channels;
char str[128];
int pos = 0;
struct l_string *string;
char *str;
bool first = true;
if (size < 2 || size < 2 + bytes[1]) {
printf("malformed P2P %s\n", label);
@ -3025,11 +3026,18 @@ static void print_p2p_channel_list(unsigned int level, const char *label,
channels = *bytes++;
size -= 2 + channels;
while (channels--)
snprintf(str + pos, sizeof(str) - pos, "%s%u",
pos ? ", " : "", (int) *bytes++);
string = l_string_new(128);
while (channels--) {
l_string_append_printf(string, "%s%u",
first ? "" : ", ",
(int ) *bytes++);
first = false;
}
str = l_string_unwrap(string);
print_attr(level + 2, "%s", str);
l_free(str);
}
}
@ -3669,7 +3677,6 @@ static void print_authentication_mgmt_frame(unsigned int level,
{
const char *str;
const struct mmpdu_authentication *body;
struct ie_tlv_iter iter;
if (!mmpdu)
return;
@ -3710,13 +3717,8 @@ static void print_authentication_mgmt_frame(unsigned int level,
L_LE16_TO_CPU(body->transaction_sequence) > 3)
return;
ie_tlv_iter_init(&iter, body->ies, (const uint8_t *) mmpdu + size -
body->ies);
ie_tlv_iter_next(&iter);
print_attr(level + 1, "Challenge text: \"%s\" (%u)",
ie_tlv_iter_get_data(&iter),
ie_tlv_iter_get_length(&iter));
print_ie(level + 1, "IEs", body->ies,
(const uint8_t *) mmpdu + size - body->ies);
}
static void print_deauthentication_mgmt_frame(unsigned int level,
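Review bot: In print_authentication_mgmt_frame the length handed to print_ie() is computed as `(const uint8_t *) mmpdu + size - body->ies`, which goes negative when the captured frame is shorter than the fixed authentication header, and becomes a very large length if print_ie() takes an unsigned size. No lower bound on `size` is visible in the hunk. If one is not already applied earlier in the function, add a guard before the call, e.g. `if ((const uint8_t *) mmpdu + size < body->ies) return;`. The function starts outside the hunk, so an existing check may simply not be shown.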

12
plugins/ofono.c

@ -624,7 +624,8 @@ static void interfaces_changed_cb(struct l_dbus_message *message,
struct l_dbus_message_iter value;
const char *key;
l_dbus_message_get_arguments(message, "sv", &key, &value);
if (!l_dbus_message_get_arguments(message, "sv", &key, &value))
return;
if (!strcmp(key, "Interfaces"))
parse_interfaces(&value, modem);
@ -718,10 +719,11 @@ static void get_modems_cb(struct l_dbus_message *reply, void *user_data)
modems = l_queue_new();
l_dbus_message_get_arguments(reply, "a(oa{sv})", &modem_list);
while (l_dbus_message_iter_next_entry(&modem_list, &path, &props))
parse_modem(path, &props);
if (l_dbus_message_get_arguments(reply, "a(oa{sv})", &modem_list)) {
while (l_dbus_message_iter_next_entry(&modem_list, &path,
&props))
parse_modem(path, &props);
}
/* watch for modems being added/removed */
modem_add_watch = l_dbus_add_signal_watch(dbus_get_bus(),

19
src/agent.c

@ -29,6 +29,7 @@
#include <ell/ell.h>
#include "src/dbus.h"
#include "src/agent.h"
#include "src/iwd.h"
static unsigned int next_request_id = 0;
@ -619,8 +620,10 @@ static bool release_agent(void *data, void *user_data)
return true;
}
bool agent_init(struct l_dbus *dbus)
static int agent_init(void)
{
struct l_dbus *dbus = dbus_get_bus();
agents = l_queue_new();
if (!l_dbus_register_interface(dbus, IWD_AGENT_MANAGER_INTERFACE,
@ -628,7 +631,7 @@ bool agent_init(struct l_dbus *dbus)
NULL, false)) {
l_info("Unable to register %s interface",
IWD_AGENT_MANAGER_INTERFACE);
return false;
return -EIO;
}
if (!l_dbus_object_add_interface(dbus, IWD_AGENT_MANAGER_PATH,
@ -637,24 +640,26 @@ bool agent_init(struct l_dbus *dbus)
l_info("Unable to register the agent manager object on '%s'",
IWD_AGENT_MANAGER_PATH);
l_dbus_unregister_interface(dbus, IWD_AGENT_MANAGER_INTERFACE);
return false;
return -EIO;
}
return true;
return 0;
}
bool agent_exit(struct l_dbus *dbus)
static void agent_exit(void)
{
struct l_dbus *dbus = dbus_get_bus();
l_dbus_unregister_object(dbus, IWD_AGENT_MANAGER_PATH);
l_dbus_unregister_interface(dbus, IWD_AGENT_MANAGER_INTERFACE);
l_queue_destroy(agents, agent_free);
agents = NULL;
return true;
}
void agent_shutdown(void)
{
l_queue_foreach_remove(agents, release_agent, NULL);
}
IWD_MODULE(agent, agent_init, agent_exit);
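Review bot: Both failure paths in agent_init() return -EIO but leave the queue created by `agents = l_queue_new();` allocated, with the global still pointing at it. Whether the module framework calls agent_exit() after a failed init is not visible here; if it does not, release the queue on the error paths with `l_queue_destroy(agents, NULL); agents = NULL;` before each `return -EIO;`. It is also worth confirming that <errno.h> is in scope for EIO, since the only include added in this section is `src/iwd.h`.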

2
src/agent.h

@ -37,8 +37,6 @@ typedef void (*agent_request_user_name_passwd_func_t) (enum agent_result result,
void *user_data);
typedef void (*agent_request_destroy_func_t)(void *user_data);
bool agent_init(struct l_dbus *dbus);
bool agent_exit(struct l_dbus *dbus);
void agent_shutdown(void);
unsigned int agent_request_passphrase(const char *path,

15
src/anqp.c

@ -287,6 +287,9 @@ uint32_t anqp_request(uint32_t ifindex, const uint8_t *addr,
uint32_t duration = 300;
struct netdev *netdev = netdev_find(ifindex);
if (!netdev)
return 0;
/*
* TODO: Netdev dependencies will eventually be removed so we need
* another way to figure out wiphy capabilities.
@ -474,11 +477,11 @@ static void anqp_mlme_notify(struct l_genl_msg *msg, void *user_data)
}
}
bool anqp_init(struct l_genl_family *in)
static int anqp_init(void)
{
struct l_genl *genl = iwd_get_genl();
nl80211 = in;
nl80211 = l_genl_family_new(genl, NL80211_GENL_NAME);
anqp_requests = l_queue_new();
@ -492,13 +495,14 @@ bool anqp_init(struct l_genl_family *in)
NULL, NULL))
l_error("Registering for MLME notification failed");
return true;
return 0;
}
void anqp_exit(void)
static void anqp_exit(void)
{
struct l_genl *genl = iwd_get_genl();
l_genl_family_free(nl80211);
nl80211 = NULL;
l_queue_destroy(anqp_requests, anqp_destroy);
@ -507,3 +511,6 @@ void anqp_exit(void)
l_genl_remove_unicast_watch(genl, unicast_watch);
}
IWD_MODULE(anqp, anqp_init, anqp_exit);
IWD_MODULE_DEPENDS(anqp, netdev);
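Review bot: anqp_init() stores the result of `l_genl_family_new(genl, NL80211_GENL_NAME)` in `nl80211` without checking it, and still ends in `return 0;` when the MLME registration fails and only `l_error()` is called. Now that the function reports status as an int, a failed setup could be propagated, for example `if (!nl80211) return -EIO;` right after the allocation, assuming the call can return NULL. If continuing without MLME notifications is intentional, a one-line comment above the `l_error()` call would make that clear. Parts of the function lie between the hunks and are not shown.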

3
src/anqp.h

@ -38,6 +38,3 @@ uint32_t anqp_request(uint32_t ifindex, const uint8_t *addr,
struct scan_bss *bss, const uint8_t *anqp, size_t len,
anqp_response_func_t cb, void *user_data,
anqp_destroy_func_t destroy);
bool anqp_init(struct l_genl_family *in);
void anqp_exit(void);

2
src/ap.c

@ -951,7 +951,7 @@ bad_frame:
*
* For now, we need to drop the RSNA.
*/
if (sta && sta->associated && sta->rsna)
if (sta->associated && sta->rsna)
ap_drop_rsna(sta);
if (rates)
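Review bot: The `sta &&` guard is dropped from the condition after the bad_frame label, so `sta->associated` is dereferenced unconditionally on an error path that handles a frame received from a remote station. This is safe only if every `goto bad_frame` is reached after `sta` has been looked up successfully; those jumps are outside the hunk and cannot be checked here. If the invariant holds, state it with a comment such as `/* sta is always valid here: a failed lookup returns before any goto bad_frame */`; otherwise keep `if (sta && sta->associated && sta->rsna)`. The old/new reading of the two lines is taken from their print order.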

5
src/backtrace.c

@ -114,7 +114,7 @@ void __iwd_backtrace_print(unsigned int offset)
if (written < 0)
break;
len = read(infd[0], buf, sizeof(buf));
len = read(infd[0], buf, sizeof(buf) - 1);
if (len < 0)
break;
@ -130,6 +130,9 @@ void __iwd_backtrace_print(unsigned int offset)
}
ptr = strchr(pos, '\n');
if (!ptr)
continue;
*ptr++ = '\0';
if (strncmp(pos, program_path, pathlen) == 0)

1
src/crypto.c

@ -706,6 +706,7 @@ bool hkdf_extract(enum l_checksum_type type, const uint8_t *key,
}
if (!l_checksum_updatev(hmac, iov, num_args)) {
l_checksum_free(hmac);
va_end(va);
return false;
}

3
src/dbus.c

@ -210,12 +210,11 @@ struct l_dbus *dbus_get_bus(void)
bool dbus_init(struct l_dbus *dbus)
{
g_dbus = dbus;
return agent_init(dbus);
return true;
}
void dbus_exit(void)
{
agent_exit(g_dbus);
g_dbus = NULL;
}

4
src/eap-pwd.c

@ -115,8 +115,10 @@ static bool kdf(uint8_t *key, size_t key_len, const char *label,
iov[iov_pos].iov_base = &L;
iov[iov_pos++].iov_len = 2;
if (!l_checksum_updatev(hmac, iov, iov_pos))
if (!l_checksum_updatev(hmac, iov, iov_pos)) {
l_checksum_free(hmac);
return false;
}
l_checksum_get_digest(hmac, out + len, minsize(olen - len, 32));
l_checksum_free(hmac);

19
src/eap-tls-common.c

@ -900,16 +900,15 @@ int eap_tls_common_settings_check(struct l_settings *settings,
goto done;
}
if (!l_certchain_verify(cert, cacerts, &error_str)) {
if (cacerts)
l_error("Certificate chain %s is not trusted "
"by any CA in %s or fails verification"
": %s", client_cert, value, error_str);
else
l_error("Certificate chain %s fails "
"verification: %s",
client_cert, error_str);
/*
* Sanity check that certchain provided is valid. We do not
* verify the certchain against the provided CA, since the
* CA that issued user certificates might be different from
* the one that is used to verify the peer
*/
if (!l_certchain_verify(cert, NULL, &error_str)) {
l_error("Certificate chain %s fails verification: %s",
client_cert, error_str);
ret = -EINVAL;
goto done;
}

4
src/eap-ttls.c

@ -1089,7 +1089,7 @@ static bool eap_ttls_settings_load(struct eap_state *eap,
struct l_settings *settings,
const char *prefix)
{
struct phase2_method *phase2 = l_new(struct phase2_method, 1);
struct phase2_method *phase2;
const char *phase2_method_name;
char setting[72];
uint8_t i;
@ -1100,6 +1100,8 @@ static bool eap_ttls_settings_load(struct eap_state *eap,
if (!phase2_method_name)
return false;
phase2 = l_new(struct phase2_method, 1);
snprintf(setting, sizeof(setting), "%sTTLS-Phase2-", prefix);
for (i = 0; tunneled_non_eap_method_ops[i].name; i++) {
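Review bot: Moving `phase2 = l_new(struct phase2_method, 1)` below the `!phase2_method_name` return closes that leak, but every exit after the allocation now carries the same obligation. Those exits lie in the loop and tail of `eap_ttls_settings_load`, outside the hunks. Please confirm that each later `return false` frees `phase2`, or that ownership has been handed over by then. A comment at the allocation would keep this visible: `/* allocated after the last argument check; later failure paths must free phase2 */`.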

17
src/eap.c

@ -33,6 +33,7 @@
#include "src/missing.h"
#include "src/eap.h"
#include "src/eap-private.h"
#include "src/iwd.h"
static uint32_t default_mtu;
static struct l_queue *eap_methods;
@ -676,6 +677,12 @@ int eap_unregister_method(struct eap_method *method)
return -ENOENT;
}
void __eap_set_config(struct l_settings *config)
{
if (!l_settings_get_uint(config, "EAP", "mtu", &default_mtu))
default_mtu = 1400; /* on WiFi the real MTU is around 2304 */
}
static void __eap_method_enable(struct eap_method_desc *start,
struct eap_method_desc *stop)
{
@ -715,7 +722,7 @@ static void __eap_method_disable(struct eap_method_desc *start,
extern struct eap_method_desc __start___eap[];
extern struct eap_method_desc __stop___eap[];
void eap_init(uint32_t mtu)
int eap_init(void)
{
eap_methods = l_queue_new();
__eap_method_enable(__start___eap, __stop___eap);
@ -725,10 +732,10 @@ void eap_init(uint32_t mtu)
* EAP is capable of functioning on lower layers that
* provide an EAP MTU size of 1020 octets or greater.
*/
if (mtu == 0)
if (default_mtu == 0)
default_mtu = 1020;
else
default_mtu = mtu;
return 0;
}
void eap_exit(void)
@ -736,3 +743,5 @@ void eap_exit(void)
__eap_method_disable(__start___eap, __stop___eap);
l_queue_destroy(eap_methods, NULL);
}
IWD_MODULE(eap, eap_init, eap_exit);
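Review bot: `__eap_set_config` stores whatever `l_settings_get_uint(config, "EAP", "mtu", &default_mtu)` reads, and `eap_init` replaces the value only when it is exactly 0. A configured MTU of 1 to 1019 is therefore accepted, although the comment in `eap_init` cites 1020 octets as the size EAP is specified to work with. I would clamp instead, with `if (default_mtu < 1020)` in place of `if (default_mtu == 0)`. The zero check also only has an effect if `__eap_set_config` has already run when the module is initialised. That call site is not in this file section, so a one-line comment on `default_mtu` stating the expected order would help.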

4
src/eap.h

@ -93,5 +93,7 @@ const char *eap_get_identity(struct eap_state *eap);
void eap_rx_packet(struct eap_state *eap, const uint8_t *pkt, size_t len);
void eap_init(uint32_t default_mtu);
void __eap_set_config(struct l_settings *config);
int eap_init(void);
void eap_exit(void);

24
src/eapol.c

@ -40,6 +40,7 @@
#include "src/handshake.h"
#include "src/watchlist.h"
#include "src/erp.h"
#include "src/iwd.h"
static struct l_queue *state_machines;
static struct l_queue *preauths;
@ -885,9 +886,9 @@ struct eapol_sm *eapol_sm_new(struct handshake_state *hs)
void eapol_sm_free(struct eapol_sm *sm)
{
eapol_sm_destroy(sm);
l_queue_remove(state_machines, sm);
eapol_sm_destroy(sm);
}
void eapol_sm_set_listen_interval(struct eapol_sm *sm, uint16_t interval)
@ -1105,7 +1106,11 @@ static void eapol_handle_ptk_1_of_4(struct eapol_sm *sm,
pmkid = handshake_util_find_pmkid_kde(EAPOL_KEY_DATA(ek, sm->mic_len),
EAPOL_KEY_DATA_LEN(ek, sm->mic_len));
ie_parse_rsne_from_data(own_ie, own_ie[1] + 2, &rsn_info);
if (!sm->handshake->wpa_ie) {
if (ie_parse_rsne_from_data(own_ie, own_ie[1] + 2,
&rsn_info) < 0)
goto error_unspecified;
}
/*
* Require the PMKID KDE whenever we've sent a list of PMKIDs in
@ -1556,7 +1561,8 @@ static void eapol_handle_ptk_3_of_4(struct eapol_sm *sm,
const uint8_t *mde = sm->handshake->mde;
const uint8_t *fte = sm->handshake->fte;
ie_parse_rsne_from_data(rsne, rsne[1] + 2, &ie_info);
if (ie_parse_rsne_from_data(rsne, rsne[1] + 2, &ie_info) < 0)
goto error_ie_different;
if (ie_info.num_pmkids != 1 || memcmp(ie_info.pmkids,
sm->handshake->pmk_r1_name, 16))
@ -2705,16 +2711,16 @@ void __eapol_set_config(struct l_settings *config)
eapol_4way_handshake_time = 5;
}
bool eapol_init()
int eapol_init(void)
{
state_machines = l_queue_new();
preauths = l_queue_new();
watchlist_init(&frame_watches, &eapol_frame_watch_ops);
return true;
return 0;
}
bool eapol_exit()
void eapol_exit(void)
{
if (!l_queue_isempty(state_machines))
l_warn("stale eapol state machines found");
@ -2727,6 +2733,6 @@ bool eapol_exit()
l_queue_destroy(preauths, preauth_sm_destroy);
watchlist_destroy(&frame_watches);
return true;
}
IWD_MODULE(eapol, eapol_init, eapol_exit);
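Review bot: In `eapol_handle_ptk_1_of_4`, `rsn_info` is now filled only when `sm->handshake->wpa_ie` is unset, while the comment that follows introduces PMKID handling that presumably reads it. The declaration is outside the hunk. Unless it is zero-initialised there, or every later use is guarded by the same `wpa_ie` test, the WPA path would read an indeterminate struct. Zero-initialising `rsn_info` at its declaration makes this safe regardless of the later guards. The function continues well past the visible lines, so this needs checking against the full body.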

4
src/eapol.h

@ -128,5 +128,5 @@ struct preauth_sm *eapol_preauth_start(const uint8_t *aa,
eapol_preauth_destroy_func_t destroy);
void eapol_preauth_cancel(uint32_t ifindex);
bool eapol_init();
bool eapol_exit();
int eapol_init(void);
void eapol_exit(void);

5
src/erp.c

@ -509,8 +509,9 @@ int erp_rx_packet(struct erp_state *erp, const uint8_t *pkt, size_t len)
l_put_be16(64, ptr);
ptr += 2;
hkdf_expand(L_CHECKSUM_SHA256, erp->r_rk, erp->cache->emsk_len,
info, ptr - info, erp->rmsk, erp->cache->emsk_len);
if (!hkdf_expand(L_CHECKSUM_SHA256, erp->r_rk, erp->cache->emsk_len,
info, ptr - info, erp->rmsk, erp->cache->emsk_len))
goto eap_failed;
return 0;

20
src/hotspot.c

@ -320,7 +320,7 @@ static struct hs20_config *hs20_config_new(struct l_settings *settings,
char **nai_realms = NULL;
const char *rc_str;
char *name;
bool autoconnect = true;
bool autoconnect;
/* One of HESSID, NAI realms, or Roaming Consortium must be included */
hessid_str = l_settings_get_string(settings, "Hotspot", "HESSID");
@ -330,7 +330,9 @@ static struct hs20_config *hs20_config_new(struct l_settings *settings,
rc_str = l_settings_get_value(settings, "Hotspot", "RoamingConsortium");