Hi list,
Any comment on this patch?
Thanks,
Jaap
> On 9 May 2017, at 21:04, Jaap Keuter <jaap.keuter@xxxxxxxxx> wrote:
>
> IEEE802.1X-2010 section 9.3.1 states that the CKN comprises of 1 to 32
> octets, and no further restrictions are placed on it. Therefore change
> the code reading the preshared CKN so that these sizes are accepted.
>
> Signed-off-by: Jaap Keuter <jaap.keuter@xxxxxxxxx>
> ---
> wpa_supplicant/config.c | 12 ++++++++++--
> 1 file changed, 10 insertions(+), 2 deletions(-)
>
> diff --git a/wpa_supplicant/config.c b/wpa_supplicant/config.c
> index 9ef11d86d..a4ff7f998 100644
> --- a/wpa_supplicant/config.c
> +++ b/wpa_supplicant/config.c
> @@ -1898,8 +1898,16 @@ static int wpa_config_parse_mka_ckn(const struct parse_data *data,
> struct wpa_ssid *ssid, int line,
> const char *value)
> {
> - if (hexstr2bin(value, ssid->mka_ckn, MACSEC_CKN_LEN) ||
> - value[MACSEC_CKN_LEN * 2] != '\0') {
> + size_t ckn_str_len = os_strlen(value);
> +
> + if (ckn_str_len == 0 || (ckn_str_len & 1) == 1 ||
> + ckn_str_len > MACSEC_CKN_LEN * 2) {
> + wpa_printf(MSG_ERROR, "Line %d: Invalid size MKA-CKN '%s'.",
> + line, value);
> + return -1;
> + }
> +
> + if (hexstr2bin(value, ssid->mka_ckn, ckn_str_len / 2)) {
> wpa_printf(MSG_ERROR, "Line %d: Invalid MKA-CKN '%s'.",
> line, value);
> return -1;
> --
> 2.11.0
>
>
> _______________________________________________
> Hostap mailing list
> Hostap@xxxxxxxxxxxxxxxxxxx
> http://lists.infradead.org/mailman/listinfo/hostap
_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap
