From patchwork Sun Jan 12 22:02:23 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Janusz Dziedzic X-Patchwork-Id: 1221880 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20170209 header.b=RwZd9h/T; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=BT9eVfnU; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 47wrMp2PW1z9s4Y for ; Mon, 13 Jan 2020 09:03:50 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:MIME-Version:Cc:List-Subscribe: List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:References: In-Reply-To:Message-Id:Date:Subject:To:From:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Owner; bh=3BkSOBj39sX1GgEyqSd7ky19jr5HdhUlgACgjiWfDgQ=; b=RwZd9h/TDXiExU9dwv0/C8gxih r0YvelgAn7q4RxTFNnkZ9WX41fo4bApHj4qdmQP8WVRHWXCzvI3hPyorn2Cdz30C3HY81M4PnVys0 B2bpSmRE8HpgV/SCivTq6s0n8+pjBOhf6FMIdAgKCSKmbZALzgFQUOpEGpd0JC++ZOmQaoyUPuccl xtY9cAwtIV64eawHbuWap6Mj/0ecW1M5dF9ItOlP8R1jN+QEWWPiuE1Zw1qfulirXFnRb/C7llEu/ pXNFLOv69JTVfFbkf+xzMCirUal4jAFtl62skv0UUDWooK1s5FnhZkvQB7FWTw/Nj44E2+duLhdpA EP6qgJSA==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1iqlKk-0003SD-QJ; Sun, 12 Jan 2020 22:03:46 +0000 Received: from mail-lf1-x142.google.com ([2a00:1450:4864:20::142]) by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1iqlJk-00029k-B0 for hostap@lists.infradead.org; Sun, 12 Jan 2020 22:02:46 +0000 Received: by mail-lf1-x142.google.com with SMTP id 203so5392584lfa.12 for ; Sun, 12 Jan 2020 14:02:44 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=w3hz8JOmjeZYylK6lBoCIULZ/EbX/oFobGJJeGNuW3k=; b=BT9eVfnUwhH6Fi115lERcZXI2MS48T4oIISJ4HmXupuvS/gG/kRY1ltCXJP4wsWiyI IjYrrexb35BlHwHTEblMahMd9GXPBVSDjsrOVZRhMdK6jiRc2BJ0M8NKZrLuiOQD7kl2 taBlFfNE8jRcvKNnYbkos0vxLin3oRTZwlX8s04ba247HT6AyzTMFFPvXw00gpysjHJG DpPg41u3h55LynpIQzt19/a4Jv7cqa1ASD2dMw6V5gLIOTW6l/te4JR/g0k0IPkNmqYw 1ppykgB8zHiPIJYaikDXUFJxgS41si8/CaR41pJxHITqYHhV1oH2FngP9ASkl2Sn76eD i2iw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=w3hz8JOmjeZYylK6lBoCIULZ/EbX/oFobGJJeGNuW3k=; b=PmlIcUmFFvZEEIrNSFxsOVRlRUSwVNuUERuaJDY4c7fuxVSE1Nqce/foAzL3ow1dwv LfFpEc+ZbA8wX8lOMpx+1HBe3sAOAR/p8IJWucyDo6W0++obmL/71zPXHEA6SNALcR24 l0NXMRAQJa4yNxGXAqLBiCI3FKHwj4v8RKF23QbhNgy0CQeEwynDSB0MGduBMRljaTR7 xu5Ov0+yBfGFofvqGYV1omdjyYKUeNNNuNa+Y/ExpTDVT52lbWMYMBm2HwsXWSEqGw2e aHY+ZeecM/gvLU2AmjxLkQ2y13rXmqiiq0D2cAqYRWuEQScLreLNDpq/nqa2W0GPffO1 2UIg== X-Gm-Message-State: APjAAAWB+zSlvSIpnNTyvn3M08OH8p7logx8wLAqGSZnmAPanSBoRbjy wFNJ2pmfBLi4e3Ui7XvCz7Y21JJx X-Google-Smtp-Source: APXvYqyEqoYjQzafsIx+ttrODfDo3y2p9QqKkCVv0YQcyt9KTIwGIuwcdEFA/aSxRlRpW5s5njCIXg== X-Received: by 2002:ac2:5a43:: with SMTP id r3mr7880199lfn.150.1578866562484; Sun, 12 Jan 2020 14:02:42 -0800 (PST) Received: from e4300.lan ([62.141.210.6]) by smtp.gmail.com with ESMTPSA id u18sm4831325lje.69.2020.01.12.14.02.41 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 12 Jan 2020 14:02:41 -0800 (PST) From: Janusz Dziedzic To: hostap@lists.infradead.org Subject: [PATCH 09/12] hostapd: ctrl_iface: udp remove global cookies Date: Sun, 12 Jan 2020 23:02:23 +0100 Message-Id: <20200112220226.5056-9-janusz.dziedzic@gmail.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20200112220226.5056-1-janusz.dziedzic@gmail.com> References: <20200112220226.5056-1-janusz.dziedzic@gmail.com> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200112_140244_447501_BC490B0F X-CRM114-Status: GOOD ( 13.29 ) X-Spam-Score: -0.2 (/) X-Spam-Report: SpamAssassin version 3.4.2 on bombadil.infradead.org summary: Content analysis details: (-0.2 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2a00:1450:4864:20:0:0:0:142 listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (janusz.dziedzic[at]gmail.com) 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: j@w1.fi, Janusz Dziedzic MIME-Version: 1.0 Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Seems for CONFIG_CTRL_IFACE=udp we used global defined cookies. This break all multi bss test cases when UDP interface was used. So, after: hapd1 = hostapd.add_bss(apdev[0], ifname1, 'bss-1.conf') hapd2 = hostapd.add_bss(apdev[0], ifname2, 'bss-2.conf') hapd1->ping() don't work. This patch fix it. Signed-off-by: Janusz Dziedzic --- hostapd/ctrl_iface.c | 37 +++++++++++++++++-------------------- src/ap/hostapd.h | 13 +++++++++++++ 2 files changed, 30 insertions(+), 20 deletions(-) diff --git a/hostapd/ctrl_iface.c b/hostapd/ctrl_iface.c index 0ef38e9f7..15cc152df 100644 --- a/hostapd/ctrl_iface.c +++ b/hostapd/ctrl_iface.c @@ -65,9 +65,6 @@ #define HOSTAPD_CLI_DUP_VALUE_MAX_LEN 256 #ifdef CONFIG_CTRL_IFACE_UDP -#define COOKIE_LEN 8 -static unsigned char cookie[COOKIE_LEN]; -static unsigned char gcookie[COOKIE_LEN]; #define HOSTAPD_CTRL_IFACE_PORT 8877 #define HOSTAPD_CTRL_IFACE_PORT_LIMIT 50 #define HOSTAPD_GLOBAL_CTRL_IFACE_PORT 8878 @@ -3456,7 +3453,7 @@ static void hostapd_ctrl_iface_receive(int sock, void *eloop_ctx, int reply_len; int level = MSG_DEBUG; #ifdef CONFIG_CTRL_IFACE_UDP - unsigned char lcookie[COOKIE_LEN]; + unsigned char lcookie[CTRL_IFACE_COOKIE_LEN]; #endif /* CONFIG_CTRL_IFACE_UDP */ res = recvfrom(sock, buf, sizeof(buf) - 1, 0, @@ -3481,28 +3478,28 @@ static void hostapd_ctrl_iface_receive(int sock, void *eloop_ctx, #ifdef CONFIG_CTRL_IFACE_UDP if (os_strcmp(buf, "GET_COOKIE") == 0) { os_memcpy(reply, "COOKIE=", 7); - wpa_snprintf_hex(reply + 7, 2 * COOKIE_LEN + 1, - cookie, COOKIE_LEN); - reply_len = 7 + 2 * COOKIE_LEN; + wpa_snprintf_hex(reply + 7, 2 * CTRL_IFACE_COOKIE_LEN + 1, + hapd->ctrl_iface_cookie, CTRL_IFACE_COOKIE_LEN); + reply_len = 7 + 2 * CTRL_IFACE_COOKIE_LEN; goto done; } if (os_strncmp(buf, "COOKIE=", 7) != 0 || - hexstr2bin(buf + 7, lcookie, COOKIE_LEN) < 0) { + hexstr2bin(buf + 7, lcookie, CTRL_IFACE_COOKIE_LEN) < 0) { wpa_printf(MSG_DEBUG, "CTRL: No cookie in the request - drop request"); os_free(reply); return; } - if (os_memcmp(cookie, lcookie, COOKIE_LEN) != 0) { + if (os_memcmp(hapd->ctrl_iface_cookie, lcookie, CTRL_IFACE_COOKIE_LEN) != 0) { wpa_printf(MSG_DEBUG, "CTRL: Invalid cookie in the request - drop request"); os_free(reply); return; } - pos = buf + 7 + 2 * COOKIE_LEN; + pos = buf + 7 + 2 * CTRL_IFACE_COOKIE_LEN; while (*pos == ' ') pos++; #endif /* CONFIG_CTRL_IFACE_UDP */ @@ -3591,7 +3588,7 @@ int hostapd_ctrl_iface_init(struct hostapd_data *hapd) dl_list_init(&hapd->ctrl_dst); hapd->ctrl_sock = -1; - os_get_random(cookie, COOKIE_LEN); + os_get_random(hapd->ctrl_iface_cookie, CTRL_IFACE_COOKIE_LEN); #ifdef CONFIG_CTRL_IFACE_UDP_REMOTE hints.ai_flags = AI_PASSIVE; @@ -4170,7 +4167,7 @@ static int hostapd_global_ctrl_iface_ifname(struct hapd_interfaces *interfaces, static void hostapd_global_ctrl_iface_receive(int sock, void *eloop_ctx, void *sock_ctx) { - void *interfaces = eloop_ctx; + struct hapd_interfaces *interfaces = eloop_ctx; char buffer[256], *buf = buffer; int res; struct sockaddr_storage from; @@ -4179,7 +4176,7 @@ static void hostapd_global_ctrl_iface_receive(int sock, void *eloop_ctx, int reply_len; const int reply_size = 4096; #ifdef CONFIG_CTRL_IFACE_UDP - unsigned char lcookie[COOKIE_LEN]; + unsigned char lcookie[CTRL_IFACE_COOKIE_LEN]; #endif /* CONFIG_CTRL_IFACE_UDP */ res = recvfrom(sock, buffer, sizeof(buffer) - 1, 0, @@ -4208,28 +4205,28 @@ static void hostapd_global_ctrl_iface_receive(int sock, void *eloop_ctx, #ifdef CONFIG_CTRL_IFACE_UDP if (os_strcmp(buf, "GET_COOKIE") == 0) { os_memcpy(reply, "COOKIE=", 7); - wpa_snprintf_hex(reply + 7, 2 * COOKIE_LEN + 1, - gcookie, COOKIE_LEN); - reply_len = 7 + 2 * COOKIE_LEN; + wpa_snprintf_hex(reply + 7, 2 * CTRL_IFACE_COOKIE_LEN + 1, + interfaces->ctrl_iface_cookie, CTRL_IFACE_COOKIE_LEN); + reply_len = 7 + 2 * CTRL_IFACE_COOKIE_LEN; goto send_reply; } if (os_strncmp(buf, "COOKIE=", 7) != 0 || - hexstr2bin(buf + 7, lcookie, COOKIE_LEN) < 0) { + hexstr2bin(buf + 7, lcookie, CTRL_IFACE_COOKIE_LEN) < 0) { wpa_printf(MSG_DEBUG, "CTRL: No cookie in the request - drop request"); os_free(reply); return; } - if (os_memcmp(gcookie, lcookie, COOKIE_LEN) != 0) { + if (os_memcmp(interfaces->ctrl_iface_cookie, lcookie, CTRL_IFACE_COOKIE_LEN) != 0) { wpa_printf(MSG_DEBUG, "CTRL: Invalid cookie in the request - drop request"); os_free(reply); return; } - buf += 7 + 2 * COOKIE_LEN; + buf += 7 + 2 * CTRL_IFACE_COOKIE_LEN; while (*buf == ' ') buf++; #endif /* CONFIG_CTRL_IFACE_UDP */ @@ -4373,7 +4370,7 @@ int hostapd_global_ctrl_iface_init(struct hapd_interfaces *interface) } } - os_get_random(gcookie, COOKIE_LEN); + os_get_random(interface->ctrl_iface_cookie, CTRL_IFACE_COOKIE_LEN); #ifdef CONFIG_CTRL_IFACE_UDP_REMOTE hints.ai_flags = AI_PASSIVE; diff --git a/src/ap/hostapd.h b/src/ap/hostapd.h index 2358d1664..91dc4c1af 100644 --- a/src/ap/hostapd.h +++ b/src/ap/hostapd.h @@ -38,6 +38,10 @@ union wps_event_data; struct mesh_conf; #endif /* CONFIG_MESH */ +#ifdef CONFIG_CTRL_IFACE_UDP +#define CTRL_IFACE_COOKIE_LEN 8 +#endif + struct hostapd_iface; struct hapd_interfaces { @@ -72,6 +76,11 @@ struct hapd_interfaces { #ifdef CONFIG_DPP struct dpp_global *dpp; #endif /* CONFIG_DPP */ + +#ifdef CONFIG_CTRL_IFACE_UDP + unsigned char ctrl_iface_cookie[CTRL_IFACE_COOKIE_LEN]; +#endif + }; enum hostapd_chan_status { @@ -395,6 +404,10 @@ struct hostapd_data { #ifdef CONFIG_SQLITE sqlite3 *rad_attr_db; #endif /* CONFIG_SQLITE */ + +#ifdef CONFIG_CTRL_IFACE_UDP + unsigned char ctrl_iface_cookie[CTRL_IFACE_COOKIE_LEN]; +#endif };