feedc0de/esp-idf
1
0
Fork 0
forked from espressif/esp-idf
Code Pull Requests Activity

Merge branch 'bugfix/rrm_dpp_task_delete_v4.4' into 'release/v4.4'

Browse Source 
wpa_supplicant: backport WLAN fixes (release v4.4)

See merge request espressif/esp-idf!17655
This commit is contained in:
Jiang Jiang Jian
2022-04-26 12:38:04 +08:00
parent 69a3bdacb0 2231a3bcbe
commit 36823b45cc
16 changed files with 152 additions and 75 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
components/wpa_supplicant/CMakeLists.txt
View File

@ -5,7 +5,6 @@ set(srcs "port/os_xtensa.c"
"src/ap/wpa_auth_ie.c" "src/ap/wpa_auth_ie.c"
"src/common/sae.c" "src/common/sae.c"
"src/common/wpa_common.c" "src/common/wpa_common.c"
"src/common/dpp.c"
"src/utils/bitfield.c" "src/utils/bitfield.c"
"src/crypto/aes-siv.c" "src/crypto/aes-siv.c"
"src/crypto/sha256-kdf.c" "src/crypto/sha256-kdf.c"
@ -59,8 +58,7 @@ set(esp_srcs "esp_supplicant/src/esp_wpa2.c"
"esp_supplicant/src/esp_wpa_main.c" "esp_supplicant/src/esp_wpa_main.c"
"esp_supplicant/src/esp_wpas_glue.c" "esp_supplicant/src/esp_wpas_glue.c"
"esp_supplicant/src/esp_wps.c" "esp_supplicant/src/esp_wps.c"
"esp_supplicant/src/esp_wpa3.c" "esp_supplicant/src/esp_wpa3.c")
"esp_supplicant/src/esp_dpp.c")
if(CONFIG_ESP_WIFI_SOFTAP_SUPPORT) if(CONFIG_ESP_WIFI_SOFTAP_SUPPORT)
set(esp_srcs ${esp_srcs} "esp_supplicant/src/esp_hostap.c") set(esp_srcs ${esp_srcs} "esp_supplicant/src/esp_hostap.c")
endif() endif()
@ -162,13 +160,22 @@ if(CONFIG_WPA_11KV_SUPPORT)
else() else()
set(roaming_src "") set(roaming_src "")
endif() endif()
if(CONFIG_WPA_MBO_SUPPORT) if(CONFIG_WPA_MBO_SUPPORT)
set(mbo_src "src/common/mbo.c") set(mbo_src "src/common/mbo.c")
else() else()
set(mbo_src "") set(mbo_src "")
endif() endif()
idf_component_register(SRCS "${srcs}" ${esp_srcs} "${tls_src}" "${roaming_src}" "${crypto_src}" "${mbo_src}" if(CONFIG_WPA_DPP_SUPPORT)
set(dpp_src "src/common/dpp.c"
"esp_supplicant/src/esp_dpp.c")
else()
set(dpp_src "")
endif()
idf_component_register(SRCS "${srcs}" ${esp_srcs} "${tls_src}" "${roaming_src}"
"${crypto_src}" "${mbo_src}" "${dpp_src}"
INCLUDE_DIRS include port/include esp_supplicant/include INCLUDE_DIRS include port/include esp_supplicant/include
PRIV_INCLUDE_DIRS src src/utils esp_supplicant/src PRIV_INCLUDE_DIRS src src/utils esp_supplicant/src
PRIV_REQUIRES mbedtls esp_timer) PRIV_REQUIRES mbedtls esp_timer)
@ -193,7 +200,6 @@ target_compile_definitions(${COMPONENT_LIB} PRIVATE
CONFIG_ECC CONFIG_ECC
CONFIG_IEEE80211W CONFIG_IEEE80211W
CONFIG_SHA256 CONFIG_SHA256
CONFIG_DPP
CONFIG_WNM CONFIG_WNM
) )
@ -219,4 +225,7 @@ endif()
if(CONFIG_WPA_MBO_SUPPORT) if(CONFIG_WPA_MBO_SUPPORT)
target_compile_definitions(${COMPONENT_LIB} PRIVATE CONFIG_MBO) target_compile_definitions(${COMPONENT_LIB} PRIVATE CONFIG_MBO)
endif() endif()
if(CONFIG_WPA_DPP_SUPPORT)
target_compile_definitions(${COMPONENT_LIB} PRIVATE CONFIG_DPP)
endif()
set_property(TARGET ${COMPONENT_LIB} APPEND PROPERTY LINK_INTERFACE_MULTIPLICITY 3) set_property(TARGET ${COMPONENT_LIB} APPEND PROPERTY LINK_INTERFACE_MULTIPLICITY 3)

21
components/wpa_supplicant/Kconfig
View File

@ -52,8 +52,8 @@ menu "Supplicant"
rigorously. Disabling this add the workaorunds with various APs. rigorously. Disabling this add the workaorunds with various APs.
Enabling this may cause inter operability issues with some APs. Enabling this may cause inter operability issues with some APs.
menuconfig WPA_11KV_SUPPORT config WPA_11KV_SUPPORT
bool "Enable 802.11k, 802.11v APIs handling in supplicant" bool "Enable 802.11k, 802.11v APIs handling"
default n default n
help help
Select this option to enable 802.11k 802.11v APIs(RRM and BTM support). Select this option to enable 802.11k 802.11v APIs(RRM and BTM support).
@ -68,7 +68,7 @@ menu "Supplicant"
and on the radio environment. Current implementation adds beacon report, and on the radio environment. Current implementation adds beacon report,
link measurement, neighbor report. link measurement, neighbor report.
menuconfig WPA_SCAN_CACHE config WPA_SCAN_CACHE
bool "Keep scan results in cache" bool "Keep scan results in cache"
depends on WPA_11KV_SUPPORT depends on WPA_11KV_SUPPORT
default n default n
@ -76,10 +76,19 @@ menu "Supplicant"
Keep scan results in cache, if not enabled, those Keep scan results in cache, if not enabled, those
will be flushed immediately. will be flushed immediately.
menuconfig WPA_MBO_SUPPORT config WPA_MBO_SUPPORT
bool "Enable MBO support in supplicant" bool "Enable MBO support"
depends on WPA_11KV_SUPPORT
default n default n
select WPA_11KV_SUPPORT
select WPA_SCAN_CACHE
help help
Select this option to enable WiFi Multiband operation certification support. Select this option to enable WiFi Multiband operation certification support.
config WPA_DPP_SUPPORT
bool "Enable DPP support"
default n
select WPA_MBEDTLS_CRYPTO
help
Select this option to enable WiFi Easy Connect Support.
endmenu endmenu

18
components/wpa_supplicant/esp_supplicant/include/esp_dpp.h
View File

@ -1,16 +1,8 @@
// Copyright 2020 Espressif Systems (Shanghai) PTE LTD /*
// * SPDX-FileCopyrightText: 2020-2022 Espressif Systems (Shanghai) CO LTD
// Licensed under the Apache License, Version 2.0 (the "License"); *
// you may not use this file except in compliance with the License. * SPDX-License-Identifier: Apache-2.0
// You may obtain a copy of the License at */
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef ESP_DPP_H #ifndef ESP_DPP_H
#define ESP_DPP_H #define ESP_DPP_H

69
components/wpa_supplicant/esp_supplicant/src/esp_common.c
View File

@ -1,5 +1,5 @@
/* /*
* SPDX-FileCopyrightText: 2020-2021 Espressif Systems (Shanghai) CO LTD * SPDX-FileCopyrightText: 2020-2022 Espressif Systems (Shanghai) CO LTD
* *
* SPDX-License-Identifier: Apache-2.0 * SPDX-License-Identifier: Apache-2.0
*/ */
@ -23,7 +23,7 @@
struct wpa_supplicant g_wpa_supp; struct wpa_supplicant g_wpa_supp;
static void *s_supplicant_task_hdl = NULL; static TaskHandle_t s_supplicant_task_hdl = NULL;
static void *s_supplicant_evt_queue = NULL; static void *s_supplicant_evt_queue = NULL;
static void *s_supplicant_api_lock = NULL; static void *s_supplicant_api_lock = NULL;
@ -214,10 +214,16 @@ static void supplicant_sta_disconn_handler(void* arg, esp_event_base_t event_bas
int32_t event_id, void* event_data) int32_t event_id, void* event_data)
{ {
struct wpa_supplicant *wpa_s = &g_wpa_supp; struct wpa_supplicant *wpa_s = &g_wpa_supp;
wifi_event_sta_disconnected_t *disconn = event_data;
wpas_rrm_reset(wpa_s); wpas_rrm_reset(wpa_s);
if (wpa_s->current_bss) { if (wpa_s->current_bss) {
wpa_s->current_bss = NULL; wpa_s->current_bss = NULL;
} }
if (disconn->reason != WIFI_REASON_ROAMING) {
clear_bssid_flag(wpa_s);
}
} }
static int ieee80211_handle_rx_frm(u8 type, u8 *frame, size_t len, u8 *sender, static int ieee80211_handle_rx_frm(u8 type, u8 *frame, size_t len, u8 *sender,
@ -262,18 +268,25 @@ int esp_supplicant_common_init(struct wpa_funcs *wpa_cb)
struct wpa_supplicant *wpa_s = &g_wpa_supp; struct wpa_supplicant *wpa_s = &g_wpa_supp;
int ret; int ret;
s_supplicant_evt_queue = xQueueCreate(3, sizeof(supplicant_event_t));
ret = xTaskCreate(btm_rrm_task, "btm_rrm_t", SUPPLICANT_TASK_STACK_SIZE, NULL, 2, s_supplicant_task_hdl);
if (ret != pdPASS) {
wpa_printf(MSG_ERROR, "btm: failed to create task");
return ret;
}
s_supplicant_api_lock = xSemaphoreCreateRecursiveMutex(); s_supplicant_api_lock = xSemaphoreCreateRecursiveMutex();
if (!s_supplicant_api_lock) { if (!s_supplicant_api_lock) {
esp_supplicant_common_deinit();
wpa_printf(MSG_ERROR, "%s: failed to create Supplicant API lock", __func__); wpa_printf(MSG_ERROR, "%s: failed to create Supplicant API lock", __func__);
return ret; ret = -1;
goto err;
}
s_supplicant_evt_queue = xQueueCreate(3, sizeof(supplicant_event_t));
if (!s_supplicant_evt_queue) {
wpa_printf(MSG_ERROR, "%s: failed to create Supplicant event queue", __func__);
ret = -1;
goto err;
}
ret = xTaskCreate(btm_rrm_task, "btm_rrm_t", SUPPLICANT_TASK_STACK_SIZE, NULL, 2, &s_supplicant_task_hdl);
if (ret != pdPASS) {
wpa_printf(MSG_ERROR, "btm: failed to create task");
ret = -1;
goto err;
} }
esp_scan_init(wpa_s); esp_scan_init(wpa_s);
@ -287,7 +300,6 @@ int esp_supplicant_common_init(struct wpa_funcs *wpa_cb)
wpa_s->type = 0; wpa_s->type = 0;
wpa_s->subtype = 0; wpa_s->subtype = 0;
wpa_s->type |= (1 << WLAN_FC_STYPE_BEACON) | (1 << WLAN_FC_STYPE_PROBE_RESP);
esp_wifi_register_mgmt_frame_internal(wpa_s->type, wpa_s->subtype); esp_wifi_register_mgmt_frame_internal(wpa_s->type, wpa_s->subtype);
wpa_cb->wpa_sta_rx_mgmt = ieee80211_handle_rx_frm; wpa_cb->wpa_sta_rx_mgmt = ieee80211_handle_rx_frm;
/* Matching is done only for MBO at the moment, this can be extended for other features*/ /* Matching is done only for MBO at the moment, this can be extended for other features*/
@ -298,15 +310,15 @@ int esp_supplicant_common_init(struct wpa_funcs *wpa_cb)
wpa_cb->wpa_sta_profile_match = NULL; wpa_cb->wpa_sta_profile_match = NULL;
#endif #endif
return 0; return 0;
err:
esp_supplicant_common_deinit();
return ret;
} }
void esp_supplicant_common_deinit(void) void esp_supplicant_common_deinit(void)
{ {
struct wpa_supplicant *wpa_s = &g_wpa_supp; struct wpa_supplicant *wpa_s = &g_wpa_supp;
if (esp_supplicant_post_evt(SIG_SUPPLICANT_DEL_TASK, 0) != 0) {
wpa_printf(MSG_ERROR, "failed to send task delete event");
}
esp_scan_deinit(wpa_s); esp_scan_deinit(wpa_s);
wpas_rrm_reset(wpa_s); wpas_rrm_reset(wpa_s);
wpas_clear_beacon_rep_data(wpa_s); wpas_clear_beacon_rep_data(wpa_s);
@ -314,6 +326,21 @@ void esp_supplicant_common_deinit(void)
&supplicant_sta_conn_handler); &supplicant_sta_conn_handler);
esp_event_handler_unregister(WIFI_EVENT, WIFI_EVENT_STA_DISCONNECTED, esp_event_handler_unregister(WIFI_EVENT, WIFI_EVENT_STA_DISCONNECTED,
&supplicant_sta_disconn_handler); &supplicant_sta_disconn_handler);
if (wpa_s->type) {
wpa_s->type = 0;
esp_wifi_register_mgmt_frame_internal(wpa_s->type, wpa_s->subtype);
}
if (!s_supplicant_task_hdl && esp_supplicant_post_evt(SIG_SUPPLICANT_DEL_TASK, 0) != 0) {
if (s_supplicant_evt_queue) {
vQueueDelete(s_supplicant_evt_queue);
s_supplicant_evt_queue = NULL;
}
if (s_supplicant_api_lock) {
vSemaphoreDelete(s_supplicant_api_lock);
s_supplicant_api_lock = NULL;
}
wpa_printf(MSG_ERROR, "failed to send task delete event");
}
} }
int esp_rrm_send_neighbor_rep_request(neighbor_rep_request_cb cb, int esp_rrm_send_neighbor_rep_request(neighbor_rep_request_cb cb,
@ -587,12 +614,20 @@ int esp_supplicant_post_evt(uint32_t evt_id, uint32_t data)
evt->id = evt_id; evt->id = evt_id;
evt->data = data; evt->data = data;
SUPPLICANT_API_LOCK(); /* Make sure lock exists before taking it */
if (s_supplicant_api_lock) {
SUPPLICANT_API_LOCK();
} else {
os_free(evt);
return -1;
}
if (xQueueSend(s_supplicant_evt_queue, &evt, 10 / portTICK_PERIOD_MS ) != pdPASS) { if (xQueueSend(s_supplicant_evt_queue, &evt, 10 / portTICK_PERIOD_MS ) != pdPASS) {
SUPPLICANT_API_UNLOCK(); SUPPLICANT_API_UNLOCK();
os_free(evt); os_free(evt);
return -1; return -1;
} }
SUPPLICANT_API_UNLOCK(); if (evt_id != SIG_SUPPLICANT_DEL_TASK) {
SUPPLICANT_API_UNLOCK();
}
return 0; return 0;
} }

46
components/wpa_supplicant/esp_supplicant/src/esp_dpp.c
View File

@ -1,5 +1,5 @@
/* /*
* SPDX-FileCopyrightText: 2020-2021 Espressif Systems (Shanghai) CO LTD * SPDX-FileCopyrightText: 2020-2022 Espressif Systems (Shanghai) CO LTD
* *
* SPDX-License-Identifier: Apache-2.0 * SPDX-License-Identifier: Apache-2.0
*/ */
@ -12,7 +12,8 @@
#include "esp_wifi.h" #include "esp_wifi.h"
#include "common/ieee802_11_defs.h" #include "common/ieee802_11_defs.h"
static void *s_dpp_task_hdl = NULL; #ifdef CONFIG_DPP
static TaskHandle_t s_dpp_task_hdl = NULL;
static void *s_dpp_evt_queue = NULL; static void *s_dpp_evt_queue = NULL;
static void *s_dpp_api_lock = NULL; static void *s_dpp_api_lock = NULL;
@ -34,22 +35,36 @@ struct action_rx_param {
static int esp_dpp_post_evt(uint32_t evt_id, uint32_t data) static int esp_dpp_post_evt(uint32_t evt_id, uint32_t data)
{ {
DPP_API_LOCK();
dpp_event_t *evt = os_zalloc(sizeof(dpp_event_t)); dpp_event_t *evt = os_zalloc(sizeof(dpp_event_t));
int ret = ESP_OK;
if (evt == NULL) { if (evt == NULL) {
DPP_API_UNLOCK(); ret = ESP_ERR_NO_MEM;
return ESP_ERR_NO_MEM; goto end;
} }
evt->id = evt_id; evt->id = evt_id;
evt->data = data; evt->data = data;
if ( xQueueSend(s_dpp_evt_queue, &evt, 10 / portTICK_PERIOD_MS ) != pdPASS) { if (s_dpp_api_lock) {
DPP_API_UNLOCK(); DPP_API_LOCK();
os_free(evt); } else {
return ESP_ERR_DPP_FAILURE; ret = ESP_ERR_DPP_FAILURE;
goto end;
} }
DPP_API_UNLOCK(); if (xQueueSend(s_dpp_evt_queue, &evt, 10 / portTICK_PERIOD_MS ) != pdPASS) {
return ESP_OK; DPP_API_UNLOCK();
ret = ESP_ERR_DPP_FAILURE;
goto end;
}
if (evt_id != SIG_DPP_DEL_TASK) {
DPP_API_UNLOCK();
}
return ret;
end:
if (evt) {
os_free(evt);
}
return ret;
} }
static void esp_dpp_call_cb(esp_supp_dpp_event_t evt, void *data) static void esp_dpp_call_cb(esp_supp_dpp_event_t evt, void *data)
@ -616,7 +631,7 @@ esp_err_t esp_supp_dpp_init(esp_supp_dpp_event_cb_t cb)
s_dpp_stop_listening = false; s_dpp_stop_listening = false;
s_dpp_evt_queue = xQueueCreate(3, sizeof(dpp_event_t)); s_dpp_evt_queue = xQueueCreate(3, sizeof(dpp_event_t));
ret = xTaskCreate(esp_dpp_task, "dppT", DPP_TASK_STACK_SIZE, NULL, 2, s_dpp_task_hdl); ret = xTaskCreate(esp_dpp_task, "dppT", DPP_TASK_STACK_SIZE, NULL, 2, &s_dpp_task_hdl);
if (ret != pdPASS) { if (ret != pdPASS) {
wpa_printf(MSG_ERROR, "DPP: failed to create task"); wpa_printf(MSG_ERROR, "DPP: failed to create task");
return ESP_FAIL; return ESP_FAIL;
@ -652,7 +667,12 @@ void esp_supp_dpp_deinit(void)
params->key = NULL; params->key = NULL;
} }
esp_event_handler_unregister(WIFI_EVENT, WIFI_EVENT_ACTION_TX_STATUS,
&offchan_event_handler);
esp_event_handler_unregister(WIFI_EVENT, WIFI_EVENT_ROC_DONE,
&offchan_event_handler);
s_dpp_auth_retries = 0; s_dpp_auth_retries = 0;
dpp_global_deinit(s_dpp_ctx.dpp_global); dpp_global_deinit(s_dpp_ctx.dpp_global);
esp_dpp_post_evt(SIG_DPP_DEL_TASK, 0); esp_dpp_post_evt(SIG_DPP_DEL_TASK, 0);
} }
#endif

5
components/wpa_supplicant/esp_supplicant/src/esp_scan.c
View File

@ -19,6 +19,7 @@
#include "common/ieee802_11_common.h" #include "common/ieee802_11_common.h"
#include "esp_common_i.h" #include "esp_common_i.h"
#include "common/wnm_sta.h" #include "common/wnm_sta.h"
#include "esp_scan_i.h"
extern struct wpa_supplicant g_wpa_supp; extern struct wpa_supplicant g_wpa_supp;
@ -28,11 +29,11 @@ static void scan_done_event_handler(void *arg, STATUS status)
/* update last scan time */ /* update last scan time */
wpa_s->scan_start_tsf = esp_wifi_get_tsf_time(WIFI_IF_STA); wpa_s->scan_start_tsf = esp_wifi_get_tsf_time(WIFI_IF_STA);
if (!wpa_s->scanning) { if (wpa_s->scanning) {
wpa_s->type &= ~(1 << WLAN_FC_STYPE_BEACON) & ~(1 << WLAN_FC_STYPE_PROBE_RESP); wpa_s->type &= ~(1 << WLAN_FC_STYPE_BEACON) & ~(1 << WLAN_FC_STYPE_PROBE_RESP);
esp_wifi_register_mgmt_frame_internal(wpa_s->type, wpa_s->subtype); esp_wifi_register_mgmt_frame_internal(wpa_s->type, wpa_s->subtype);
} }
esp_supplicant_post_evt(SIG_SUPPLICANT_SCAN_DONE, 0); esp_supplicant_handle_scan_done_evt();
} }
static void handle_wnm_scan_done(struct wpa_supplicant *wpa_s) static void handle_wnm_scan_done(struct wpa_supplicant *wpa_s)

4
components/wpa_supplicant/esp_supplicant/src/esp_wpa2.c
View File

@ -64,7 +64,7 @@ static int wpa2_start_eapol_internal(void);
int wpa2_post(uint32_t sig, uint32_t par); int wpa2_post(uint32_t sig, uint32_t par);
#ifdef USE_WPA2_TASK #ifdef USE_WPA2_TASK
static void *s_wpa2_task_hdl = NULL; static TaskHandle_t s_wpa2_task_hdl = NULL;
static void *s_wpa2_queue = NULL; static void *s_wpa2_queue = NULL;
static wpa2_state_t s_wpa2_state = WPA2_STATE_DISABLED; static wpa2_state_t s_wpa2_state = WPA2_STATE_DISABLED;
static void *s_wpa2_api_lock = NULL; static void *s_wpa2_api_lock = NULL;
@ -784,7 +784,7 @@ static int eap_peer_sm_init(void)
gEapSm = sm; gEapSm = sm;
#ifdef USE_WPA2_TASK #ifdef USE_WPA2_TASK
s_wpa2_queue = xQueueCreate(SIG_WPA2_MAX, sizeof(s_wpa2_queue)); s_wpa2_queue = xQueueCreate(SIG_WPA2_MAX, sizeof(s_wpa2_queue));
ret = xTaskCreate(wpa2_task, "wpa2T", WPA2_TASK_STACK_SIZE, NULL, 2, s_wpa2_task_hdl); ret = xTaskCreate(wpa2_task, "wpa2T", WPA2_TASK_STACK_SIZE, NULL, 2, &s_wpa2_task_hdl);
if (ret != pdPASS) { if (ret != pdPASS) {
wpa_printf(MSG_ERROR, "wps enable: failed to create task"); wpa_printf(MSG_ERROR, "wps enable: failed to create task");
ret = ESP_FAIL; ret = ESP_FAIL;

14
components/wpa_supplicant/src/common/dpp.c
View File

@ -847,7 +847,7 @@ static int dpp_derive_k1(const u8 *Mx, size_t Mx_len, u8 *k1,
/* HKDF-Expand(PRK, info, L) */ /* HKDF-Expand(PRK, info, L) */
res = dpp_hkdf_expand(hash_len, prk, hash_len, info, k1, hash_len); res = dpp_hkdf_expand(hash_len, prk, hash_len, info, k1, hash_len);
os_memset(prk, 0, hash_len); forced_memzero(prk, hash_len);
if (res < 0) if (res < 0)
return -1; return -1;
@ -876,7 +876,7 @@ static int dpp_derive_k2(const u8 *Nx, size_t Nx_len, u8 *k2,
/* HKDF-Expand(PRK, info, L) */ /* HKDF-Expand(PRK, info, L) */
res = dpp_hkdf_expand(hash_len, prk, hash_len, info, k2, hash_len); res = dpp_hkdf_expand(hash_len, prk, hash_len, info, k2, hash_len);
os_memset(prk, 0, hash_len); forced_memzero(prk, hash_len);
if (res < 0) if (res < 0)
return -1; return -1;
@ -935,7 +935,7 @@ static int dpp_derive_ke(struct dpp_authentication *auth, u8 *ke,
/* HKDF-Expand(PRK, info, L) */ /* HKDF-Expand(PRK, info, L) */
res = dpp_hkdf_expand(hash_len, prk, hash_len, info_ke, ke, hash_len); res = dpp_hkdf_expand(hash_len, prk, hash_len, info_ke, ke, hash_len);
os_memset(prk, 0, hash_len); forced_memzero(prk, hash_len);
if (res < 0) if (res < 0)
return -1; return -1;
@ -3938,7 +3938,7 @@ static void dpp_build_legacy_cred_params(struct wpabuf *buf,
wpa_snprintf_hex(psk, sizeof(psk), wpa_snprintf_hex(psk, sizeof(psk),
conf->psk, sizeof(conf->psk)); conf->psk, sizeof(conf->psk));
json_add_string(buf, "psk_hex", psk); json_add_string(buf, "psk_hex", psk);
os_memset(psk, 0, sizeof(psk)); forced_memzero(psk, sizeof(psk));
} }
} }
@ -4110,6 +4110,8 @@ skip_groups:
goto fail; goto fail;
signature = os_malloc(2 * curve->prime_len); signature = os_malloc(2 * curve->prime_len);
if (!signature)
goto fail;
if (dpp_bn2bin_pad(r, signature, curve->prime_len) < 0 || if (dpp_bn2bin_pad(r, signature, curve->prime_len) < 0 ||
dpp_bn2bin_pad(s, signature + curve->prime_len, dpp_bn2bin_pad(s, signature + curve->prime_len,
curve->prime_len) < 0) curve->prime_len) < 0)
@ -5728,7 +5730,7 @@ static int dpp_derive_pmk(const u8 *Nx, size_t Nx_len, u8 *pmk,
/* HKDF-Expand(PRK, info, L) */ /* HKDF-Expand(PRK, info, L) */
res = dpp_hkdf_expand(hash_len, prk, hash_len, info, pmk, hash_len); res = dpp_hkdf_expand(hash_len, prk, hash_len, info, pmk, hash_len);
os_memset(prk, 0, hash_len); forced_memzero(prk, hash_len);
if (res < 0) if (res < 0)
return -1; return -1;
@ -5933,7 +5935,7 @@ dpp_peer_intro(struct dpp_introduction *intro, const char *own_connector,
fail: fail:
if (ret != DPP_STATUS_OK) if (ret != DPP_STATUS_OK)
os_memset(intro, 0, sizeof(*intro)); os_memset(intro, 0, sizeof(*intro));
os_memset(Nx, 0, sizeof(Nx)); forced_memzero(Nx, sizeof(Nx));
os_free(own_conn); os_free(own_conn);
os_free(signed_connector); os_free(signed_connector);
os_free(info.payload); os_free(info.payload);

8
components/wpa_supplicant/src/common/sae.c
View File

@ -147,7 +147,7 @@ static struct crypto_bignum * sae_get_rand(struct sae_data *sae)
break; break;
} }
os_memset(val, 0, order_len); forced_memzero(val, order_len);
return bn; return bn;
} }
@ -830,11 +830,11 @@ static int sae_derive_keys(struct sae_data *sae, const u8 *k)
if (sha256_prf(keyseed, sizeof(keyseed), "SAE KCK and PMK", if (sha256_prf(keyseed, sizeof(keyseed), "SAE KCK and PMK",
val, sae->tmp->prime_len, keys, sizeof(keys)) < 0) val, sae->tmp->prime_len, keys, sizeof(keys)) < 0)
goto fail; goto fail;
os_memset(keyseed, 0, sizeof(keyseed)); forced_memzero(keyseed, sizeof(keyseed));
os_memcpy(sae->tmp->kck, keys, SAE_KCK_LEN); os_memcpy(sae->tmp->kck, keys, SAE_KCK_LEN);
os_memcpy(sae->pmk, keys + SAE_KCK_LEN, SAE_PMK_LEN); os_memcpy(sae->pmk, keys + SAE_KCK_LEN, SAE_PMK_LEN);
os_memcpy(sae->pmkid, val, SAE_PMKID_LEN); os_memcpy(sae->pmkid, val, SAE_PMKID_LEN);
os_memset(keys, 0, sizeof(keys)); forced_memzero(keys, sizeof(keys));
wpa_hexdump_key(MSG_DEBUG, "SAE: KCK", sae->tmp->kck, SAE_KCK_LEN); wpa_hexdump_key(MSG_DEBUG, "SAE: KCK", sae->tmp->kck, SAE_KCK_LEN);
wpa_hexdump_key(MSG_DEBUG, "SAE: PMK", sae->pmk, SAE_PMK_LEN); wpa_hexdump_key(MSG_DEBUG, "SAE: PMK", sae->pmk, SAE_PMK_LEN);
@ -1181,8 +1181,6 @@ static int sae_parse_password_identifier(struct sae_data *sae,
sae->tmp->pw_id); sae->tmp->pw_id);
return WLAN_STATUS_UNKNOWN_PASSWORD_IDENTIFIER; return WLAN_STATUS_UNKNOWN_PASSWORD_IDENTIFIER;
} }
os_free(sae->tmp->pw_id);
sae->tmp->pw_id = NULL;
return WLAN_STATUS_SUCCESS; /* No Password Identifier */ return WLAN_STATUS_SUCCESS; /* No Password Identifier */
} }

4
components/wpa_supplicant/src/common/scan.c
View File

@ -36,6 +36,10 @@ void wpa_supplicant_req_scan(struct wpa_supplicant *wpa_s, int sec, int usec)
wpa_dbg(wpa_s, MSG_DEBUG, "Already scanning - Return"); wpa_dbg(wpa_s, MSG_DEBUG, "Already scanning - Return");
return; return;
} }
if (!wpa_s->current_bss) {
wpa_dbg(wpa_s, MSG_INFO, "Current BSS is null - Return");
return;
}
params = os_zalloc(sizeof(*params)); params = os_zalloc(sizeof(*params));
if (!params) { if (!params) {

7
components/wpa_supplicant/src/common/wnm_sta.c
View File

@ -308,12 +308,15 @@ bool wpa_scan_res_match(struct wpa_supplicant *wpa_s,
return false; return false;
} }
/* TODO security Match */ /* Just check for Open/secure mode */
if ((current_bss->caps & WLAN_CAPABILITY_PRIVACY) != (target_bss->caps & WLAN_CAPABILITY_PRIVACY)) {
wpa_printf(MSG_DEBUG, "WNM: Security didn't match");
return false;
}
return true; return true;
} }
static struct wpa_bss * static struct wpa_bss *
compare_scan_neighbor_results(struct wpa_supplicant *wpa_s, os_time_t age_secs, compare_scan_neighbor_results(struct wpa_supplicant *wpa_s, os_time_t age_secs,
enum mbo_transition_reject_reason *reason) enum mbo_transition_reject_reason *reason)

4
components/wpa_supplicant/src/crypto/des-internal.c
View File

@ -419,8 +419,8 @@ int des_encrypt(const u8 *clear, const u8 *key, u8 *cypher)
WPA_PUT_BE32(cypher, work[0]); WPA_PUT_BE32(cypher, work[0]);
WPA_PUT_BE32(cypher + 4, work[1]); WPA_PUT_BE32(cypher + 4, work[1]);
os_memset(pkey, 0, sizeof(pkey)); forced_memzero(pkey, sizeof(pkey));
os_memset(ek, 0, sizeof(ek)); forced_memzero(ek, sizeof(ek));
return 0; return 0;
} }

2
components/wpa_supplicant/src/crypto/libtommath.h
View File

@ -1657,7 +1657,7 @@ mp_div(mp_int * a, mp_int * b, mp_int * c, mp_int * d)
} }
/* init our temps */ /* init our temps */
if ((res = mp_init_multi(&ta, &tb, &tq, &q, NULL) != MP_OKAY)) { if ((res = mp_init_multi(&ta, &tb, &tq, &q, NULL)) != MP_OKAY) {
return res; return res;
} }

2
components/wpa_supplicant/src/tls/libtommath.h
View File

@ -1653,7 +1653,7 @@ mp_div(mp_int * a, mp_int * b, mp_int * c, mp_int * d)
} }
/* init our temps */ /* init our temps */
if ((res = mp_init_multi(&ta, &tb, &tq, &q, NULL) != MP_OKAY)) { if ((res = mp_init_multi(&ta, &tb, &tq, &q, NULL)) != MP_OKAY) {
return res; return res;
} }

3
components/wpa_supplicant/src/wps/wps.c
View File

@ -71,6 +71,9 @@ int wps_is_selected_pbc_registrar(const struct wpabuf *msg)
{ {
struct wps_parse_attr *attr = (struct wps_parse_attr *)os_zalloc(sizeof(struct wps_parse_attr)); struct wps_parse_attr *attr = (struct wps_parse_attr *)os_zalloc(sizeof(struct wps_parse_attr));
if (!attr)
return 0;
/* /*
* In theory, this could also verify that attr.sel_reg_config_methods * In theory, this could also verify that attr.sel_reg_config_methods
* includes WPS_CONFIG_PUSHBUTTON, but some deployed AP implementations * includes WPS_CONFIG_PUSHBUTTON, but some deployed AP implementations

1
examples/wifi/wifi_easy_connect/dpp-enrollee/sdkconfig.defaults Normal file
View File

@ -0,0 +1 @@
CONFIG_WPA_DPP_SUPPORT=y