Re: [PATCH] Handle preshared CKN sizes from 1 to 32 octets

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi list,

Any comment on this patch?

Thanks,
Jaap



> On 9 May 2017, at 21:04, Jaap Keuter <jaap.keuter@xxxxxxxxx> wrote:
> 
> IEEE802.1X-2010 section 9.3.1 states that the CKN comprises of 1 to 32
> octets, and no further restrictions are placed on it. Therefore change
> the code reading the preshared CKN so that these sizes are accepted.
> 
> Signed-off-by: Jaap Keuter <jaap.keuter@xxxxxxxxx>
> ---
> wpa_supplicant/config.c | 12 ++++++++++--
> 1 file changed, 10 insertions(+), 2 deletions(-)
> 
> diff --git a/wpa_supplicant/config.c b/wpa_supplicant/config.c
> index 9ef11d86d..a4ff7f998 100644
> --- a/wpa_supplicant/config.c
> +++ b/wpa_supplicant/config.c
> @@ -1898,8 +1898,16 @@ static int wpa_config_parse_mka_ckn(const struct parse_data *data,
> 				    struct wpa_ssid *ssid, int line,
> 				    const char *value)
> {
> -	if (hexstr2bin(value, ssid->mka_ckn, MACSEC_CKN_LEN) ||
> -	    value[MACSEC_CKN_LEN * 2] != '\0') {
> +	size_t ckn_str_len = os_strlen(value);
> +
> +	if (ckn_str_len == 0 || (ckn_str_len & 1) == 1 ||
> +		ckn_str_len > MACSEC_CKN_LEN * 2) {
> +		wpa_printf(MSG_ERROR, "Line %d: Invalid size MKA-CKN '%s'.",
> +			   line, value);
> +		return -1;
> +	}
> +
> +	if (hexstr2bin(value, ssid->mka_ckn, ckn_str_len / 2)) {
> 		wpa_printf(MSG_ERROR, "Line %d: Invalid MKA-CKN '%s'.",
> 			   line, value);
> 		return -1;
> -- 
> 2.11.0
> 
> 
> _______________________________________________
> Hostap mailing list
> Hostap@xxxxxxxxxxxxxxxxxxx
> http://lists.infradead.org/mailman/listinfo/hostap


_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap



[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux