2014-12-18 10:41:33 +01:00
|
|
|
/*
|
|
|
|
*
|
|
|
|
* Wireless daemon for Linux
|
|
|
|
*
|
2019-10-25 00:43:08 +02:00
|
|
|
* Copyright (C) 2013-2019 Intel Corporation. All rights reserved.
|
2014-12-18 10:41:33 +01:00
|
|
|
*
|
|
|
|
* This library is free software; you can redistribute it and/or
|
|
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
|
|
* License as published by the Free Software Foundation; either
|
|
|
|
* version 2.1 of the License, or (at your option) any later version.
|
|
|
|
*
|
|
|
|
* This library is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
|
|
* Lesser General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU Lesser General Public
|
|
|
|
* License along with this library; if not, write to the Free Software
|
|
|
|
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
|
|
|
*
|
|
|
|
*/
|
|
|
|
|
|
|
|
#ifndef __UTIL_H
|
|
|
|
#define __UTIL_H
|
|
|
|
|
|
|
|
#include <stdint.h>
|
|
|
|
#include <unistd.h>
|
2022-08-05 16:27:59 +02:00
|
|
|
#include <ell/cleanup.h>
|
2014-12-18 10:41:33 +01:00
|
|
|
|
handshake: Do not crash if handshake is destroyed
Commit 4d2176df2985 ("handshake: Allow event handler to free handshake")
introduced a re-entrancy guard so that handshake_state objects that are
destroyed as a result of the event do not cause a crash. It rightly
used a temporary object to store the passed in handshake. Unfortunately
this caused variable shadowing which resulted in crashes fixed by commit
d22b174a7318 ("handshake: use _hs directly in handshake_event").
However, since the temporary was no longer used, this fix itself caused
a crash:
#0 0x00005555f0ba8b3d in eapol_handle_ptk_1_of_4 (sm=sm@entry=0x5555f2b4a920, ek=0x5555f2b62588, ek@entry=0x16, unencrypted=unencrypted@entry=false) at src/eapol.c:1236
1236 handshake_event(sm->handshake,
(gdb) bt
#0 0x00005555f0ba8b3d in eapol_handle_ptk_1_of_4 (sm=sm@entry=0x5555f2b4a920, ek=0x5555f2b62588, ek@entry=0x16, unencrypted=unencrypted@entry=false) at src/eapol.c:1236
#1 0x00005555f0bab118 in eapol_key_handle (unencrypted=<optimized out>, frame=<optimized out>, sm=0x5555f2b4a920) at src/eapol.c:2343
#2 eapol_rx_packet (proto=<optimized out>, from=<optimized out>, frame=<optimized out>, unencrypted=<optimized out>, user_data=0x5555f2b4a920) at src/eapol.c:2665
#3 0x00005555f0bac497 in __eapol_rx_packet (ifindex=62, src=src@entry=0x5555f2b62574 "x\212 J\207\267", proto=proto@entry=34958, frame=frame@entry=0x5555f2b62588 "\002\003",
len=len@entry=121, noencrypt=noencrypt@entry=false) at src/eapol.c:3017
#4 0x00005555f0b8c617 in netdev_control_port_frame_event (netdev=0x5555f2b64450, msg=0x5555f2b62588) at src/netdev.c:5574
#5 netdev_unicast_notify (msg=msg@entry=0x5555f2b619a0, user_data=<optimized out>) at src/netdev.c:5613
#6 0x00007f60084c9a51 in dispatch_unicast_watches (msg=0x5555f2b619a0, id=<optimized out>, genl=0x5555f2b3fc80) at ell/genl.c:954
#7 process_unicast (nlmsg=0x7fff61abeac0, genl=0x5555f2b3fc80) at ell/genl.c:973
#8 received_data (io=<optimized out>, user_data=0x5555f2b3fc80) at ell/genl.c:1098
#9 0x00007f60084c61bd in io_callback (fd=<optimized out>, events=1, user_data=0x5555f2b3fd20) at ell/io.c:120
#10 0x00007f60084c536d in l_main_iterate (timeout=<optimized out>) at ell/main.c:478
#11 0x00007f60084c543e in l_main_run () at ell/main.c:525
#12 l_main_run () at ell/main.c:507
#13 0x00007f60084c5670 in l_main_run_with_signal (callback=callback@entry=0x5555f0b89150 <signal_handler>, user_data=user_data@entry=0x0) at ell/main.c:647
#14 0x00005555f0b886a4 in main (argc=<optimized out>, argv=<optimized out>) at src/main.c:532
This happens when the driver does not support rekeying, which causes iwd to
attempt a disconnect and re-connect. The disconnect action is
taken during the event callback and destroys the underlying eapol state
machine. Since a temporary isn't used, attempting to dereference
sm->handshake results in a crash.
Fix this by introducing a UNIQUE_ID macro which should prevent shadowing
and using a temporary variable as originally intended.
Fixes: d22b174a7318 ("handshake: use _hs directly in handshake_event")
Fixes: 4d2176df2985 ("handshake: Allow event handler to free handshake")
Reported-By: Toke Høiland-Jørgensen <toke@toke.dk>
Tested-by: Toke Høiland-Jørgensen <toke@toke.dk>
2022-02-02 17:54:52 +01:00
|
|
|
#define ___PASTE(a, b) a ## b
|
|
|
|
#define __PASTE(a, b) ___PASTE(a, b)
|
|
|
|
#define UNIQUE_ID(x, id) __PASTE(__unique_prefix_, __PASTE(x, id))
|
|
|
|
|
2017-01-31 18:50:06 +01:00
|
|
|
#define align_len(len, boundary) (((len)+(boundary)-1) & ~((boundary)-1))
|
|
|
|
|
2018-01-31 18:55:58 +01:00
|
|
|
#define MAC "%02x:%02x:%02x:%02x:%02x:%02x"
|
2021-09-28 00:41:34 +02:00
|
|
|
#define MAC_STR(a) (a)[0], (a)[1], (a)[2], (a)[3], (a)[4], (a)[5]
|
2018-01-31 18:55:58 +01:00
|
|
|
|
2014-12-18 10:41:33 +01:00
|
|
|
const char *util_ssid_to_utf8(size_t len, const uint8_t *ssid);
|
2015-04-08 20:18:35 +02:00
|
|
|
bool util_ssid_is_utf8(size_t len, const uint8_t *ssid);
|
2018-06-28 01:33:03 +02:00
|
|
|
bool util_ssid_is_hidden(size_t len, const uint8_t *ssid);
|
2016-06-07 01:23:17 +02:00
|
|
|
const char *util_address_to_string(const uint8_t *addr);
|
2016-08-25 04:31:54 +02:00
|
|
|
bool util_string_to_address(const char *str, uint8_t *addr);
|
2017-09-22 05:06:23 +02:00
|
|
|
bool util_is_group_address(const uint8_t *addr);
|
|
|
|
bool util_is_broadcast_address(const uint8_t *addr);
|
2020-03-19 23:58:58 +01:00
|
|
|
bool util_is_valid_sta_address(const uint8_t *addr);
|
2014-12-18 10:41:33 +01:00
|
|
|
|
2019-04-08 20:15:19 +02:00
|
|
|
const char *util_get_domain(const char *identity);
|
|
|
|
const char *util_get_username(const char *identity);
|
|
|
|
|
2020-08-03 11:08:37 +02:00
|
|
|
/*
|
|
|
|
* Returns either true_value or false_value (depending if mask is 0xFF or 0x00
|
|
|
|
* respectively).
|
|
|
|
* This constant time selection method allows to keep an identical memory
|
|
|
|
* access pattern.
|
|
|
|
*/
|
|
|
|
static inline uint8_t util_secure_select_byte(uint8_t mask,
|
|
|
|
const uint8_t true_value,
|
|
|
|
const uint8_t false_value)
|
|
|
|
{
|
|
|
|
return (mask & true_value) | (~mask & false_value);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Copies either true_value or false_value (depending if mask is 0xFF or 0x00
|
|
|
|
* respectively) into dest. All three buffers are assumed to be the same size.
|
|
|
|
* This constant time selection method allows to keep an identical memory
|
|
|
|
* access pattern.
|
|
|
|
*/
|
|
|
|
static inline void util_secure_select(uint8_t mask, const uint8_t *true_value,
|
|
|
|
const uint8_t *false_value,
|
|
|
|
uint8_t *dest, size_t size)
|
|
|
|
{
|
|
|
|
size_t i = 0;
|
|
|
|
|
|
|
|
for (; i < size; i++)
|
|
|
|
dest[i] = util_secure_select_byte(mask, true_value[i],
|
|
|
|
false_value[i]);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Create a value filled with the MSB of the input. */
|
|
|
|
static inline uint32_t util_secure_fill_with_msb(uint32_t val)
|
|
|
|
{
|
|
|
|
return (uint32_t) (val >> (sizeof(val)*8 - 1)) * 0xFFFFFFFF;
|
|
|
|
}
|
|
|
|
|
2020-10-26 21:35:13 +01:00
|
|
|
bool util_ip_prefix_tohl(const char *ip, uint8_t *prefix, uint32_t *start_out,
|
|
|
|
uint32_t *end_out, uint32_t *mask_out);
|
|
|
|
|
2021-08-27 05:02:06 +02:00
|
|
|
/* Host byte-order IPv4 netmask */
|
2021-02-26 17:17:25 +01:00
|
|
|
static inline uint32_t util_netmask_from_prefix(uint8_t prefix_len)
|
|
|
|
{
|
|
|
|
return ~((1ull << (32 - prefix_len)) - 1);
|
|
|
|
}
|
|
|
|
|
2021-08-27 05:02:06 +02:00
|
|
|
/* Expects network byte-order (big-endian) addresses */
|
|
|
|
static inline bool util_ip_subnet_match(uint8_t prefix_len,
|
|
|
|
const void *addr1, const void *addr2)
|
|
|
|
{
|
|
|
|
const uint8_t *u8_1 = addr1;
|
|
|
|
const uint8_t *u8_2 = addr2;
|
|
|
|
uint8_t pref_bytes = prefix_len / 8;
|
|
|
|
|
|
|
|
return (!pref_bytes || !memcmp(u8_1, u8_2, pref_bytes)) &&
|
|
|
|
!((u8_1[pref_bytes] ^ u8_2[pref_bytes]) &
|
|
|
|
~((1u << (8 - (prefix_len % 8))) - 1));
|
|
|
|
}
|
|
|
|
|
2021-11-30 19:24:11 +01:00
|
|
|
typedef void (*scan_freq_set_func_t)(uint32_t freq, void *userdata);
|
|
|
|
|
|
|
|
struct scan_freq_set *scan_freq_set_new(void);
|
|
|
|
void scan_freq_set_free(struct scan_freq_set *freqs);
|
|
|
|
bool scan_freq_set_add(struct scan_freq_set *freqs, uint32_t freq);
|
2022-12-13 21:36:19 +01:00
|
|
|
bool scan_freq_set_remove(struct scan_freq_set *freqs, uint32_t freq);
|
2021-11-30 19:24:11 +01:00
|
|
|
bool scan_freq_set_contains(const struct scan_freq_set *freqs, uint32_t freq);
|
2022-07-26 19:09:16 +02:00
|
|
|
uint32_t scan_freq_set_get_bands(const struct scan_freq_set *freqs);
|
2021-11-30 19:24:11 +01:00
|
|
|
void scan_freq_set_foreach(const struct scan_freq_set *freqs,
|
|
|
|
scan_freq_set_func_t func, void *user_data);
|
|
|
|
void scan_freq_set_merge(struct scan_freq_set *to,
|
|
|
|
const struct scan_freq_set *from);
|
|
|
|
void scan_freq_set_constrain(struct scan_freq_set *set,
|
|
|
|
const struct scan_freq_set *constraint);
|
2022-07-26 19:09:17 +02:00
|
|
|
void scan_freq_set_subtract(struct scan_freq_set *set,
|
|
|
|
const struct scan_freq_set *subtract);
|
2021-11-30 19:24:11 +01:00
|
|
|
bool scan_freq_set_isempty(const struct scan_freq_set *set);
|
2021-11-30 19:24:12 +01:00
|
|
|
uint32_t *scan_freq_set_to_fixed_array(const struct scan_freq_set *set,
|
|
|
|
size_t *len_out);
|
2022-08-05 00:02:47 +02:00
|
|
|
struct scan_freq_set *scan_freq_set_clone(const struct scan_freq_set *set,
|
|
|
|
uint32_t band_mask);
|
2021-11-30 19:24:11 +01:00
|
|
|
|
2022-08-05 16:27:59 +02:00
|
|
|
DEFINE_CLEANUP_FUNC(scan_freq_set_free);
|
|
|
|
|
2014-12-18 10:41:33 +01:00
|
|
|
#endif /* __UTIL_H */
|