Handle preshared CKN sizes from 1 to 32 octets

Message ID 20170509190449.7947-1-jaap.keuter@xs4all.nl
State New
Headers show

Commit Message

Jaap Keuter May 9, 2017, 7:04 p.m.
IEEE802.1X-2010 section 9.3.1 states that the CKN comprises of 1 to 32
octets, and no further restrictions are placed on it. Therefore change
the code reading the preshared CKN so that these sizes are accepted.

Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
---
 wpa_supplicant/config.c | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

Comments

Jaap Keuter May 17, 2017, 11:41 a.m. | #1
Hi list,

Any comment on this patch?

Thanks,
Jaap



> On 9 May 2017, at 21:04, Jaap Keuter <jaap.keuter@xs4all.nl> wrote:
> 
> IEEE802.1X-2010 section 9.3.1 states that the CKN comprises of 1 to 32
> octets, and no further restrictions are placed on it. Therefore change
> the code reading the preshared CKN so that these sizes are accepted.
> 
> Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
> ---
> wpa_supplicant/config.c | 12 ++++++++++--
> 1 file changed, 10 insertions(+), 2 deletions(-)
> 
> diff --git a/wpa_supplicant/config.c b/wpa_supplicant/config.c
> index 9ef11d86d..a4ff7f998 100644
> --- a/wpa_supplicant/config.c
> +++ b/wpa_supplicant/config.c
> @@ -1898,8 +1898,16 @@ static int wpa_config_parse_mka_ckn(const struct parse_data *data,
> 				    struct wpa_ssid *ssid, int line,
> 				    const char *value)
> {
> -	if (hexstr2bin(value, ssid->mka_ckn, MACSEC_CKN_LEN) ||
> -	    value[MACSEC_CKN_LEN * 2] != '\0') {
> +	size_t ckn_str_len = os_strlen(value);
> +
> +	if (ckn_str_len == 0 || (ckn_str_len & 1) == 1 ||
> +		ckn_str_len > MACSEC_CKN_LEN * 2) {
> +		wpa_printf(MSG_ERROR, "Line %d: Invalid size MKA-CKN '%s'.",
> +			   line, value);
> +		return -1;
> +	}
> +
> +	if (hexstr2bin(value, ssid->mka_ckn, ckn_str_len / 2)) {
> 		wpa_printf(MSG_ERROR, "Line %d: Invalid MKA-CKN '%s'.",
> 			   line, value);
> 		return -1;
> -- 
> 2.11.0
> 
> 
> _______________________________________________
> Hostap mailing list
> Hostap@lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/hostap

Patch

diff --git a/wpa_supplicant/config.c b/wpa_supplicant/config.c
index 9ef11d86d..a4ff7f998 100644
--- a/wpa_supplicant/config.c
+++ b/wpa_supplicant/config.c
@@ -1898,8 +1898,16 @@  static int wpa_config_parse_mka_ckn(const struct parse_data *data,
 				    struct wpa_ssid *ssid, int line,
 				    const char *value)
 {
-	if (hexstr2bin(value, ssid->mka_ckn, MACSEC_CKN_LEN) ||
-	    value[MACSEC_CKN_LEN * 2] != '\0') {
+	size_t ckn_str_len = os_strlen(value);
+
+	if (ckn_str_len == 0 || (ckn_str_len & 1) == 1 ||
+		ckn_str_len > MACSEC_CKN_LEN * 2) {
+		wpa_printf(MSG_ERROR, "Line %d: Invalid size MKA-CKN '%s'.",
+			   line, value);
+		return -1;
+	}
+
+	if (hexstr2bin(value, ssid->mka_ckn, ckn_str_len / 2)) {
 		wpa_printf(MSG_ERROR, "Line %d: Invalid MKA-CKN '%s'.",
 			   line, value);
 		return -1;